This morning when trying to install the PowerShell Module for Exchange Online from the ECP,
I came accross this error message
Even though this is not a very serious issue, it may cause you lose your time. So to avoid this error message, use Internet Explorer to connect to the ECP and the installation will be possible.
Thank you.
Did you ever need to find in your Office 365 tenant :
If yes, this article may help you achieve your goal. Find below how to process. To install the Microsoft Online Service Module for Powershell, please follow the instruction in the paragraph Connect with the Microsoft Azure Active Directory Module for Windows PowerShell of this link :
https://docs.microsoft.com/en-us/office365/enterprise/powershell/connect-to-office-365-powershell
When you are ready, open a Powershell console and Sign in to your Office 365 tenant with an Admin Account using this command line
Connect-MsolService
Run the below Powershell fonction :
function Get-ConflictingAttributes { [Cmdletbinding()] param ( [Parameter(mandatory=$true)] [String]$SearchValue ) $SearchTable = @{} Write-Host "Searching began :" $(Get-Date) -ForegroundColor Green #Searching in all ProxyAddresses Write-Host "Searching User and Guest accounts" $(Get-Date) -ForegroundColor Yellow $User = Get-MsolUser -All | Where-Object {($_.UserPrincipalName -match $SearchValue) -or ($_.ProxyAddresses -match $SearchValue)} #Searching in all deleted users Write-Host "Searching Deleted accounts" $(Get-Date) -ForegroundColor Yellow $Del = Get-MsolUser -All -ReturnDeletedUsers | Where-Object {($_.UserPrincipalName -match $SearchValue) -or ($_.ProxyAddresses -match $SearchValue)} #Searching in contacts Write-Host "Searching Contacts" $(Get-Date) -ForegroundColor Yellow $Contact = Get-MsolContact -All | Where-Object {$_.EmailAddress -match $SearchValue} Write-Host "Searching ended :" $(Get-Date) -ForegroundColor Green if ($User){ $SearchTable.Add($User.UserType,$User) | Out-Null } if ($Del){ $SearchTable.Add($Del.UserType,$Del) | Out-Null } if ($Contact){ $SearchTable.Add("Contact",$Contact) | Out-Null } return $SearchTable }
Now, suppose that you want to know which account in your Office 365 tenant is using the email address john.doe@koafric.com, it’ simple, run this command line in the Powershell console you previously opened :
$Result = Get-ConflictingAttributes -SearchValue "john.doe@koafric.com"
To see the result :
We can see that the object using the value “john.doe@koafric.com” is a contact and this value is set on his EmailAddress.
Hello, here I am back with another script to share with you. Recently a client asked me how to change locale of OneDrive in bulk for his Office 365 users. The thing is that his Office 365 tenant has been created with french as default language, whereas there are many englishspeaking people in the company.
All Excel files created in OneDrive online show formula in French. Really embarrassing for some users.
Of course you can change this default language through OneDrive online site settings > Regional settings
But the big deal is how to manage it for more than twenty thousand users ? This is where you can leverage on the power of PowerShell. Here is a script to help you achieve this goal.
<#
.SYNOPSIS
This script allows you to change regional settings in Office 365 OneDrive For Business.
.DESCRIPTION
This script allows you to change regional settings in Office 365 OneDrive For Business.
.PARAMETER UpnPath
Full path to upns TXT or CSV file (without header), one UserPrincipalName (upn) per line.
.PARAMETER creds
Specify Admintrator UserPrincipalName
.PARAMETER SiteURL
Specify SharePoint Admin site url : "https://<yourtenant>-admin.sharepoint.com/", replace <tenant> with your tenant name
.PARAMETER ODUrl
Specify OneDrive For Business url : "https://<yourtenant>-my.sharepoint.com/Personal/, replace <tenant> with your tenant name
.PARAMETER LocaleID
Specify the Locale ID. The locale ID for US english (en-us) is 1033
.EXAMPLE
Set-OD4BLocale -UpnPath "C:\upns.txt" -creds "admin@mytenant.onmicrosoft.com" -SiteURL "https://mytenant-admin.sharepoint.com/" -ODUrl "https://mytenant-my.sharepoint.com/Personal/" -LocaleID 1033
.NOTES
Version : 1.0
Auteur : Jean-Marie AGBO
Date de création : 04/12/2018
Version 1.0 : Développement initial
#>
Function Set-OD4BLocale{
[CmdletBinding()]
Param(
[parameter(Mandatory=$true)]
[String]$UpnPath,
[parameter(Mandatory=$true)]
[PSCredential]$creds,
[parameter(Mandatory=$true)]
[string]$SiteURL,
[parameter(Mandatory=$true)]
[string]$ODUrl,
[parameter(Mandatory=$false)]
[string]$LocaleID = "1033"
)
#Connect msol service
Connect-SPOService -Url $SiteURL -Credential $creds
#Add references to SharePoint client assemblies and authenticate to Office 365 site - required for CSOM
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.UserProfiles.dll"
#Import upn file
$Upns = Get-Content -Path $UpnPath
foreach ($upn in $Upns){
#Building user ODrive Full Url
Write-Host "Building ODrive Full Url for $upn" -ForegroundColor Yellow
$ODriveFullUrl = $ODUrl + $Upn.Replace("@","_").replace('.','_')
#Adding Admin access to user OneDrive
Write-Host "Adding Admin access to $upn OneDrive" -ForegroundColor Yellow
Set-SPOUser -Site $ODriveFullUrl -LoginName $creds.UserName -IsSiteCollectionAdmin $true | Out-Null
#Bind to OD4B Site and change locale
Write-Host "Changing Locale for $upn" -ForegroundColor Yellow
$spocreds = [Microsoft.SharePoint.Client.SharePointOnlineCredentials]::new($Creds.UserName,$creds.Password)
$Context = New-Object Microsoft.SharePoint.Client.ClientContext($ODriveFullUrl)
$Context.Credentials = $spocreds
$Context.ExecuteQuery()
$Context.Web.RegionalSettings.LocaleId = $Locale
$Context.Web.Update()
$Context.ExecuteQuery()
#Removing Admin access from User OneDrive
Write-Host "Removing Admin access from $upn OneDrive" -ForegroundColor Green
Set-SPOUser -Site $ODriveFullUrl -LoginName $creds.UserName -IsSiteCollectionAdmin $false | Out-Null
}
}
How to run the script ?
Set-OD4BLocale -UpnPath "C:\upns.txt" -creds "admin@mytenant.onmicrosoft.com" -SiteURL "https://mytenant-admin.sharepoint.com/" -ODUrl "https://mytenant-my.sharepoint.com/Personal/" -LocaleID 1033
The upns.txt file must contain the UserPrincipalName of users you want to change the locale.
fname1@mytenant.com
fname2@mytenant.com
fname3@mytenant.com
fname4@mytenant.com
You can get help on the script. Run it and use the below PowerShell command line :
Get-Help Set-OD4BLocale -Full
After changing the default language:
Now, you can check your change by creating an excel file in OneDrive Online and note that the formula are in english.
Et voilà 🙂 !
Hello, I’am sharing with you how to manage Roles in Office 365 using PowerShell. It can be helpful for Office 365 administrators. The topics covered in this post are :
Ready, let’s go now…
First of all, connect to your Office 365 tenant
PS C:\> Connect-MsolService
If you don’t have PowerShell Module for Office 365 installed, follow this link.
List all administrative roles of your Office 365 tenant
PS C:\> Get-MsolRole
ObjectId Name Description
-------- ---- -----------
729827e3-9c14-49f7-bb1b-9608f156bbb8 Helpdesk Administrator Can reset passwords for non-administrators and Helpdesk Administrators.
f023fd81-a637-4b56-95fd-791ac0226033 Service Support Administrator Can read service health information and manage support tickets.
b0f54661-2d74-4c50-afa3-1ec803f12efe Billing Administrator Can perform common billing related tasks like updating payment information.
4ba39ca4-527c-499a-b93d-d9b492c50246 Partner Tier1 Support Do not use - not intended for general use.
e00e864a-17c5-4a4b-9c06-f5b95a8d5bd8 Partner Tier2 Support Do not use - not intended for general use.
88d8e3e3-8f55-4a1e-953a-9b9898b8876b Directory Readers Can read basic directory information. For granting access to applications, not intended for users.
29232cdf-9323-42fd-ade2-1d097af3e4de Exchange Service Administrator Can manage all aspects of the Exchange product.
75941009-915a-4869-abe7-691bff18279e Lync Service Administrator Can manage all aspects of the Skype for Business product.
fe930be7-5e62-47db-91af-98c3a49a38b1 User Account Administrator Can manage all aspects of users and groups, including resetting passwords for limited admins.
9360feb5-f418-4baa-8175-e2a00bac4301 Directory Writers Can read and write basic directory information. For granting access to applications, not intended for users.
62e90394-69f5-4237-9190-012177145e10 Company Administrator Can manage all aspects of Azure AD and Microsoft services that use Azure AD identities.
f28a1f50-f6e7-4571-818b-6a12f2af6b6c SharePoint Service Administrator Can manage all aspects of the SharePoint service.
d405c6df-0af8-4e3b-95e4-4d06e542189e Device Users Device Users
9f06204d-73c1-4d4c-880a-6edb90606fd8 Device Administrators Device Administrators
9c094953-4995-41c8-84c8-3ebb9b32c93f Device Join Device Join
c34f683f-4d5a-4403-affd-6615e00e3a7f Workplace Device Join Workplace Device Join
17315797-102d-40b4-93e0-432062caca18 Compliance Administrator Can read and manage compliance configuration and reports in Azure AD and Office 365.
d29b2b05-8046-44ba-8758-1e26182fcf32 Directory Synchronization Acc... Only used by Azure AD Connect service.
2b499bcd-da44-4968-8aec-78e1674fa64d Device Managers Deprecated - Do Not Use.
9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3 Application Administrator Can create and manage all aspects of app registrations and enterprise apps.
cf1c38e5-3621-4004-a7cb-879624dced7c Application Developer Can create application registrations independent of the 'Users can register applications' setting.
5d6b6bb7-de71-4623-b4af-96380a352509 Security Reader Can read security information and reports in Azure AD and Office 365.
194ae4cb-b126-40b2-bd5b-6091b380977d Security Administrator Security Administrator allows ability to read and manage security configuration and reports.
e8611ab8-c189-46e8-94e1-60213ab1f814 Privileged Role Administrator Can manage role assignments in Azure AD, and all aspects of Privileged Identity Management.
3a2c62db-5318-420d-8d74-23affee5d9d5 Intune Service Administrator Can manage all aspects of the Intune product.
158c047a-c907-4556-b7ef-446551a6b5f7 Cloud Application Administrator Can create and manage all aspects of app registrations and enterprise apps except App Proxy.
5c4f9dcd-47dc-4cf7-8c9a-9e4207cbfc91 Customer LockBox Access Approver Can approve Microsoft support requests to access customer organizational data.
44367163-eba1-44c3-98af-f5787879f96a CRM Service Administrator Can manage all aspects of the Dynamics 365 product.
a9ea8996-122f-4c74-9520-8edcd192826c Power BI Service Administrator Can manage all aspects of the Power BI product.
95e79109-95c0-4d8e-aee3-d01accf2d47b Guest Inviter Can invite guest users independent of the 'members can invite guests' setting.
b1be1c3e-b65d-4f19-8427-f6fa0d97feb9 Conditional Access Administrator Can manage conditional access capabilities.
4a5d8f65-41da-4de4-8968-e035b65339cf Reports Reader Can read sign-in and audit reports.
790c1fb9-7f7d-4f88-86a1-ef1f95c05c1b Message Center Reader Can read messages and updates for their organization in Office 365 Message Center only.
7495fdc4-34c4-4d15-a289-98788ce399fd Information Protection Admini... Can manage all aspects of the Azure Information Protection product.
4d6ac14f-3453-41d0-bef9-a3e0c569773a License Administrator Can manage product licenses on users and groups.
7698a772-787b-4ac8-901f-60d6b08affd2 Cloud Device Administrator Full access to manage devices in Azure AD.
10dae51f-b6af-4016-8d66-8c2a99b929b3 Guest User Default role for guest users. Can read a limited set of directory information.
Find a user administrative role
PS C:\> Get-MsolUserRole -UserPrincipalName user1@mydomain.com ObjectId Name Description -------- ---- ----------- 62e90394-69f5-4237-9190-012177145e10 Company Administrator Can manage all aspects of Azure AD and Microsoft services that use Azure AD identities.
List a role members
Get the role objectId
PS C:\> $role = Get-MsolRole -RoleName "User account Administrator" PS C:\> $role.ObjectId Guid ---- fe930be7-5e62-47db-91af-98c3a49a38b1
Get role members
PS C:\> Get-MsolRoleMember -RoleObjectId $role.ObjectId RoleMemberType EmailAddress DisplayName isLicensed -------------- ------------ ----------- ---------- User user2@mydomain.com user2 True User user3@mydomain.com user3 True User user4@mydomain.com user4 False
Add member to a role
PS C:\> Add-MsolRoleMember -RoleObjectId $role.ObjectId -RoleMemberEmailAddress user5@mydomain.com
Remove member from a Role
PS C:\> Remove-MsolRoleMember -RoleObjectId $role.ObjectId -RoleMemberEmailAddress user3@mydomain.com
Check member removal
PS C:\> Get-MsolRoleMember -RoleObjectId $role.ObjectId RoleMemberType EmailAddress DisplayName isLicensed -------------- ------------ ----------- ---------- User user2@mydomain.com user2 True User user4@mydomain.com user4 False User user5@mydomain.com user5 False
To export Role member in a csv file, use the below command
PS C:\> Get-MsolRoleMember -RoleObjectId $role.ObjectId | Export-Csv -Path C:\MyRoleMembers.csv -Encoding UTF8 -Delimiter ";"
To permanently delete a guest user in your Office 365, follow the steps below.
(1) Check that the account is still active
If your guest user email address is : user1@domain.com then his UserPrincipalName is user1_domain.com#EXT#@tenant.onmicrosoft.com
To check that the guest is still active, use the command lines below
$A = user1_domain.com#EXT#@tenant.onmicrosoft.com Get-MsolUser -UserPrincipalName $A
(2) How to delete guest user
Remove-MsolUser -UserPrincipalName $A
(3) Check that guest user account is present in recycle bin
Get-MsolUser -All -ReturnDeletedUsers | ? {$_.userPrincipalName -eq $A}
(4) How to permanently remove the guest account
Remove-MsolUser -UserPrincipalName $A -RemoveFromRecycleBin
Voilà 🙂
As an Office 365 IT professional, you may need to allocate license to users. There are several ways for doing that. Here, I will show you two ways to achieve your goal.
Option 1 : Allocate licenses in bulk to your Office 365 users using PowerShell
Below is the script I’m sharing with you.
Function Set-o365UsersLicense{ [CmdletBinding()] Param( [Parameter(mandatory=$true)]$upnPath, #Path to the .csv file containing users UserPrincipalName [Parameter(mandatory=$false)]$LicensePlan = "E1", #Office 365 License Plan to be allocated to users [Parameter(mandatory=$false)]$DisabledOptions = "YAMMER_ENTERPRISE", #Disabled Feature [Parameter(mandatory=$true)]$LogPath = "c:\" #Logs path ) $Error.Clear() $LicenseToAdd = $Null $DisableYammer = $False $LicenseOptions = @() #Finding License Plan to activate Switch($LicensePlan){ "E1" { Write-host "You chosed Plan E1" -ForegroundColor Green $LicenseToAdd = "kingo:STANDARDPACK" $LicenseToRemove = "kingo:ENTERPRISEPACK","kingo:WACONEDRIVESTANDARD" } "E3" { Write-host "You chosed Plan E3" -ForegroundColor Green $LicenseToAdd = "kingo:ENTERPRISEPACK" $LicenseToRemove = "kingo:STANDARDPACK","kingo:WACONEDRIVESTANDARD" } "OD" { Write-host "You chosed To assign OneDrive" -ForegroundColor Green $LicenseToAdd = "kingo:WACONEDRIVESTANDARD" $LicenseToRemove = "kingo:STANDARDPACK","kingo:ENTERPRISEPACK" } Default { Write-Host "$LicensePlan is not a valid License Plan parameter !" -ForegroundColor Red } } #Importing users to be assigned License $upns = Import-Csv $upnPath #Checking Licenses availability $MsolAccountSku = Get-MsolAccountSku | ? {$_.AccountSkuId -ilike $LicenseToAdd} $AvailableLics = $MsolAccountSku.ActiveUnits - $MsolAccountSku.ConsumedUnits #Assigning License to user If($AvailableLics -ge $upns.Count){ #Creating not existing upns log file "Not existing upn List" > $($LogPath + "Upns_Not_Exist.log.log") #Defining License options to disable if($DisabledOptions -in $MsolAccountSku.ServiceStatus.ServicePlan.ServiceName){ $LicenseOptions = New-MsolLicenseOptions -AccountSkuId $LicenseToAdd -DisabledPlans $DisabledOptions } #Enabling users Licenses $upns | % { #Checking if user exists before processing with licensing $_.UserPrincipalName If($User = Get-MsolUser -UserPrincipalName $_.UserPrincipalName -ErrorAction SilentlyContinue){ #Getting current user Licenses $CurrentUserLicenses = $User.Licenses.AccountSkuId #Removing unecessary Licenses $LicenseToRemove | %{ if($CurrentUserLicenses -contains $_){ Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $_ } } #Assigning New License to user if not already enabled If($CurrentUserLicenses -notcontains $LicenseToAdd){ #Disable YAMMER if License to add is plan E1, E3 If($LicenseOptions){ Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $LicenseToAdd -LicenseOptions $LicenseOptions -EA SilentlyContinue } Else{ Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $LicenseToAdd } } } Else{ #Logging inexisting user account $User.UserPrincipalName >> $($LogPath + "Upns_Not_Exist.log") } } } Else{ Write-Host "There are $AvailableLics $LicensePlan Licenses available" -ForegroundColor Red Write-Host "Please reduce users list to match available Licenses or Increase available Licenses" -ForegroundColor Red } #Exporting errors log $Error > $($LogPath + "Set_AzureUserLicense_Error.log") Write-Host "Script Logs Location : $LogPath " -ForegroundColor Yellow }
A little description about the script parameters is necessary :
$upnPath : is the full path of the .csv file containing users upns
$LicensePlan : specify the license plan you want to configure
$DisabledOptions : specify the license feature you want to disable. “YAMMER_ENTERPRISE” : designate Yammer as the feature to disable
$LogPath = designate the directory path where to save log files
“kingo” : refer to the name of my Office 365 tenant : kingo.onmicrosoft.com
The upns (UserPrincipalName) csv file must be formated like below :
UserPrincipalName user1@domain.com user2@domain.com user2@domain.com user2@domain.com
Prerequisites for running the script :
How to run the script ?
Set-o365UsersLicense -upnPath c:\upns.csv -LogPath "d:\"
Users will be allocated License E1 with YAMMER disabled, and the log file saved in d:\ path.
If the default parameters does not suit you, you can run a complete command by specifying full parameters like below :
Set-o365UsersLicense -upnPath "c:\upns.csv" -LicensePlan E3 -DisabledOptions "YAMMER_ENTERPRISE" -LogPath "d:\"
To check that users are well assigned licenses, use my previous post Show-LicensesMatrix.
Et voilà… 🙂
Option 2 : Allocate licenses in bulk to your Office 365 users using Azure Active Directory group membership (coming soon…)
Hi, here I’m sharing with you a PowerShell script that can help you if you are working on Office 365.
If ever, you asked yourself one day, how to quickly view the Office 365 licenses configuration for a group of users in your organization, here is a script that can help you achieve that goal.
How does it work :
Step 1 : Connect to Office 365 PowerShell using your Office 365 Admin account. Here is a tuto for that : https://docs.microsoft.com/fr-fr/office365/enterprise/powershell/connect-to-office-365-powershell
Step 2 : Prepare the upns csv file
Open a .txt file and fill it with your users UserPrincipalNames like this :
UserPrincipalName user1@domain.com user2@domain.com user2@domain.com user2@domain.com
Once you are done, save the content as a .csv file.
Step 3 : When your are connected, Copy and pass the below script in your console, and press Enter.
Function Show-LicensesMatrix { [CmdLetBinding()] Param( [Parameter(mandatory=$false)]$upnPath = "C:\Scripts\upns.csv" ) #License Plans correspondence table $LicensePlans = @{ E1 = "kingo:STANDARDPACK" E3 = "kingo:ENTERPRISEPACK" E5 = "kingo:ENTERPRISEPREMIUM" OD = "kingo:WACONEDRIVESTANDARD" } $Us = @() $Users = Import-Csv $upnPath | % {Get-MsolUser -SearchString $_.userPrincipalName} ForEach ($u in $Users) { #Initializing variables $E1 = $E3 = $E5 = $OD = $false #Getting user License Plans if ($u.Licenses.AccountSkuId -contains $LicensePlans.E1){$E1 = $true} if ($u.Licenses.AccountSkuId -contains $LicensePlans.E3){$E3 = $true} if ($u.Licenses.AccountSkuId -contains $LicensePlans.E5){$E5 = $true} if ($u.Licenses.AccountSkuId -contains $LicensePlans.OD){$OD = $true} $Us += New-Object -TypeName PSObject -Property @{ UserPrincipalName = $u.userPrincipalName E1 = $E1 E3 = $E3 E5 = $E5 OD = $OD } } $Us | ft userPrincipalName, E1,E3,E5,OD }
You are ready, run the script now :
The result will look like below :
The meaning of E1, E3, E5 and OD is :
“kingo” : refer to the name of my Office 365 tenant : kingo.onmicrosoft.com
Et voilà… 🙂
Office 365 provides several ways to see user assigned license plans. You can use the admin portal, Azure Powershell or PowerShell for Office 365.
The biggest question is how to see both assigned license plans, enabled license and disabled license features for many users ? Not easy to reach your goal when using the admin portal. The best way is to use PowerShell.
Here, I provide you an Office 365 Powershell script for exporting all your licensed users, with their assigned license plans, their enabled and disabled licenses options.
Function Export-UsersLicensesConfig {
#License Plans correspondence table with friendly name
$LicensePlan = @{
##<companyname>:<Licenseplan> = <license plan friendly name>
"koaf365:AAD_PREMIUM" = "AzureAD Premium Plan 1"
"koaf365:AX7_USER_TRIAL" = "Dynamics AX7.0 TRIAL"
"koaf365:DESKLESSPACK" = "OFFICE 365 F1"
"koaf365:DYN365_ENTERPRISE_P1_IW" = "Dynamics 365 Enterprise Plan1"
"koaf365:DYN365_RETAIL_TRIAL" = "Dynamics 365 CRM TRIAL"
"koaf365:EMS" = "EMS_E3"
"koaf365:EMSPREMIUM" = "EMS_E5"
"koaf365:ENTERPRISEPACK" = "E3"
"koaf365:ENTERPRISEPREMIUM" = "E5"
"koaf365:FLOW_FREE" = "Microsoft Flow"
"koaf365:INTUNE_A_VL" = "Intune Volume License"
"koaf365:MCOMEETADV" = "Skype For Business PSTN Conferencing"
"koaf365:MICROSOFT_BUSINESS_CENTER" = "Microsoft Business Center"
"koaf365:POWER_BI_PRO" = "Power BI PRO"
"koaf365:POWER_BI_STANDARD" = "Power BI Standard"
"koaf365:POWERAPPS_INDIVIDUAL_USER" = "Powerapps Individual User"
"koaf365:POWERAPPS_VIRAL" = "Microsoft PowerApps and Logic flows"
"koaf365:PROJECTPREMIUM" = "Project Online Premium"
"koaf365:STANDARDPACK" = "E1"
"koaf365:STREAM" = "Stream"
"koaf365:VISIOONLINE_PLAN1" = "Visio Online Plan 1"
"koaf365:WACONEDRIVESTANDARD" = "OneDrive For Business Plan 1"
"koaf365:WIN_DEF_ATP" = "Windows Defender Avanced Threat Protection"
}
#Initializing users licenses config table
$Us = @()
#Getting all users list
$Users = Get-MsolUser -All | ?{$_.isLicensed -eq $true}
ForEach($u in $Users){
#Getting assigned user License Plans
$O365Licenses = @()
$u.Licenses.AccountSkuId | % {
$O365Licenses += $LicensePlan."$_"
}
$O365Licenses = [string]::Join(',',$O365Licenses)
#Getting user enabled license features
$EnabledFeature = ($u.Licenses | Select -ExpandProperty ServiceStatus | ?{($_.ProvisioningStatus -eq "Success")}).ServicePlan.ServiceName
If (($EnabledFeature -ne $null) -and ($EnabledFeature.GetType().BaseType.Name -eq "Array")){
$EnabledFeature = [string]::Join(',',$EnabledFeature)
}
#Getting user license disabled features
$DisabledFeature = ($u.Licenses | Select -ExpandProperty ServiceStatus | ?{($_.ProvisioningStatus -eq "Disabled")}).ServicePlan.ServiceName
If (($DisabledFeature -ne $null) -and ($DisabledFeature.GetType().BaseType.Name -eq "Array")){
$DisabledFeature = [string]::Join(',',$DisabledFeature)
}
#Updating users Licenses config table
$u | Add-Member -MemberType NoteProperty -Name EnabledFeature -Value $EnabledFeature -Force
$u | Add-Member -MemberType NoteProperty -Name DisabledFeature -Value $DisabledFeature -Force
$u | Add-Member -MemberType NoteProperty -Name O365Licenses -Value $O365Licenses -Force
$Us += $u
}
#Exporting user License config
$Us | Select userPrincipalName, O365Licenses, EnabledFeature, DisabledFeature | Export-Csv UserLicensesConfig.csv -NoTypeInformation -Delimiter ";" -Encoding UTF8
}
koaf365 : is the company name that I provided when I enrolled in Office 365, and is unique for my organization.
When you run the script :
> Export-UsersLicensesConfig
The generated UserLicensesConfig.csv file content should be like below.
| UserPrincipalName | O365Licenses | EnabledFeature | DisabledFeature |
| user1@agbo.blog | E1 | BPOS_S_TODO_1, FORMS_PLAN_E1, STREAM_O365_E1, Deskless, FLOW_O365_P1, POWERAPPS_O365_P1, TEAMS1, SHAREPOINTWAC, PROJECTWORKMANAGEMENT, SWAY, MCOSTANDARD, SHAREPOINTSTANDARD, EXCHANGE_S_STANDARD | YAMMER_ENTERPRISE |
| user2@agbo.blog | OneDrive For Business Plan 1 | FORMS_PLAN_E1,SWAY,SHAREPOINTWAC,ONEDRIVESTANDARD | |
| user3@agbo.blog | E1,OneDrive For Business Plan 1 | BPOS_S_TODO_1, STREAM_O365_E1, Deskless, FLOW_O365_P1, POWERAPPS_O365_P1, TEAMS1,PROJECTWORKMANAGEMENT,YAMMER_ENTERPRISE, MCOSTANDARD, SHAREPOINTSTANDARD, EXCHANGE_S_STANDARD, FORMS_PLAN_E1, SWAY, SHAREPOINTWAC, ONEDRIVESTANDARD | FORMS_PLAN_E1, SHAREPOINTWAC, SWAY |
| user4@agbo.blog | E1,Microsoft Business Center | BPOS_S_TODO_1, STREAM_O365_E1, Deskless, FLOW_O365_P1, POWERAPPS_O365_P1, TEAMS1, PROJECTWORKMANAGEMENT, YAMMER_ENTERPRISE, MCOSTANDARD, SHAREPOINTSTANDARD, EXCHANGE_S_STANDARD, MICROSOFT_BUSINESS_CENTER | FORMS_PLAN_E1, SHAREPOINTWAC, SWAY |
| user5@agbo.blog | OneDrive For Business Plan 1 | FORMS_PLAN_E1, SWAY, SHAREPOINTWAC, ONEDRIVESTANDARD |
There you go 🙂 !!!
Nous progressons avec la 3ème et dernière partie de ce poste. La préparation et l’installation des agents Intune étant terminées, nous pouvons maintenant déployer Office 365 ProPlus 2016. Ce déploiement se fera en deux étapes.
Etape 1: Ajouter une application
Indiquer le chemin d’accès du setup d’office 365 ProPlus téléchargé précédemment.
Dans la page suivante, indiquer le nom de l’éditeur, de l’application que vous installez ainsi qu’une description de cette dernière. Ces cases ont obligatoires.
Nous ajoutons ici la clé de détection de l’application, elle nous permet de savoir si Office 365 ProPlus 2016 est déjà installée. Dans lequel cas l’outil ne tentera pas une nouvelle installation.
Nous utilisons comme clé de détection :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\O365ProPlusRetail - fr-fr
Il vous faut maintenant spécifier l’argument de ligne de commande qui va permettre une installation basée sur le fichier internet.xml.
Pour le déploiement depuis le dépôt local, utiliser l’argument avec le fichier local.xml : /configure local.xml que nous avons vu dans l’article précédent.
Cliquer sur Télécharger pour terminer la configuration.
Etape 2 : Déployer l’application
Retourner dans la console de gestion intune, cliquer-droit sur l’application que vous venez de rajouter, sélectionner l’option Gérer le déploiement.
Rechercher le groupe de déploiement O365-PCS et Ajouter-le. L’objectif est d’installer l’application sur l’ensemble des postes qui sont membres de ce groupe.
Indiquer une échéance pour l’installation. Cela permet à l’agent Intune présent sur le poste de débuter l’installation, théoriquement, à l’échéance indiquée.
Cliquer sur Terminer.
L’installation débute dès que l’agent Intune présent sur le poste reçoit l’information, il tient compte bien entendu de l’échéance indiquée. Un processus OfficeClickToRun.exe s’exécute sur les PCs membres du groupe de déploiement O365-PCs. Vous pouvez l’observer dans le gestionnaire de tâches sous l’onglet Détails. Sur l’ordinateur vous verrez les icônes de Microsoft Office apparaître au fur et à mesure que l’installation avance.
Une fois l’installation terminée vous pouvez vérifier dans le panneau de configuration que Microsoft Office 365 Proplus est bien listé:
