With the migration of many BPOS accounts to Office 365 there have been some major changes to the back-end resulting in a different method connecting via PowerShell in order to use command line syntax.
To use the PowerShell command line syntax for Office 365 you first need to initiate a connection to the 365 servers:
Powershell using “Microsoft Online Services Module for Windows PowerShell”
You may experience the following error when running Powershell Commands:
“File cannot be loaded because the execution of scripts is disabled on this system”
You can run this command to remove the execution restriction.
$LiveCred = Get-Credential
Enter admin credentials for required domain:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection
Lock/Unlock User Account:
Set-MsolUser -UserPrincipalName email@example.com –blockcredential <strong>$false</strong>
Set-MsolUser -UserPrincipalName firstname.lastname@example.org –blockcredential <strong>$true</strong>
Configure Mail Forwarding:
Set-Mailbox -Identity email@example.com -ForwardingAddress firstname.lastname@example.org -DeliverToMailboxAndForward $true
Configure Send As permissions:
Add-RecipientPermission -Identity email@example.com -Trustee firstname.lastname@example.org -AccessRights SendAs
In this command line, “email@example.com” represents the mailbox, contact, or distribution group that you want to grant rights to and is the user who you want to grant Send As rights.
To verify that the permissions are applied:
Get-RecipientPermission -Identity | Select Trustee, AccessControlType, AccessRights
In the results, you should be able to confirm thathas Send As rights granted. These rights can be assigned to a user, mailbox or group Active Directory objects.
Grant full mailbox access, Grant a user full mailbox access to a user other than the mailbox owner:
Add-MailboxPermission -Identity firstname.lastname@example.org -User email@example.com -AccessRights FullAccess -InheritanceType All
In this command line, “firstname.lastname@example.org” represents the mailbox that you want to grant rights to and “email@example.com” is the mailbox of the user who you want to grant Full Access rights.
I always get this messed up! the “user” is who’s account you want to access i.e. helpdesk@ support@ etc. The “admin” is the users account who needs the access i.e. dom@ user@ etc.
If an administrator wants to grant a user access to a room mailbox, the administrator may want to specify that user as the Owner:
Add-MailboxPermission -Identity -Owner
Only users that have Exchange mailboxes can be granted access to other mailboxes. Users who do not have mailboxes receive a permissions error when they try to access the other mailboxes.
Remove Mailbox Access:
Remove-MailboxPermission firstname.lastname@example.org -User email@example.com -AccessRights FullAccess -InheritanceType All
To verify that the permissions are applied to the mailbox:
Get-MailboxPermission -Identity firstname.lastname@example.org | Select User, AccessRights, Deny
In the results, you should be able to confirm that <Mailbox2> has Full Access rights granted.
Configure “Send on behalf” permissions, Grant a user the ability to send mail on behalf of another user:
Set-Mailbox -Identity email@example.com -GrantSendOnBehalfTo firstname.lastname@example.org
In this command line, email@example.com represents the mailbox that you want to grant permissions to and firstname.lastname@example.org is the mailbox of the user who you want to grant access.
To verify that the “SendOnBehalf” permissions are applied:
Get-Mailbox -Identity email@example.com | Select GrantSendOnBehalfTo
Find out whether a password is set to never expire:
Get-MSOLUser -UserPrincipalName firstname.lastname@example.org | Select PasswordNeverExpires
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires
Set a password to never expire (Individual)
Set-MsolUser -UserPrincipalName email@example.com -PasswordNeverExpires <strong>$true</strong>
Set-MsolUser -UserPrincipalName firstname.lastname@example.org -PasswordNeverExpires <strong>$false</strong>
Set a password expiry (All Users)
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires <strong>$true</strong>
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires <strong>$false</strong>
- http://technet.microsoft.com/en-us/library/dd351134.aspx (Mail Forwarding)
- Office 365 Portal: https://portal.microsoftonline.com/
- Office 365 Mail (direct): http://mail.office365.com
Created Shared mailboxes:
Note: This code needs some further work in order to actually create a shared mailbox, but it provides enough of the command line to google a guide.
Add-MailboxPermission "email@example.com" -User supportMailbox_SG@domain.com -AccessRights FullAccess