With the migration of many BPOS accounts to Office 365 there have been some major changes to the back-end resulting in a different method connecting via PowerShell in order to use command line syntax.<\/p>\n
To use the PowerShell command line syntax for Office 365 you first need to initiate a connection to the 365 servers:<\/p>\n
Powershell using “Microsoft Online Services Module for Windows PowerShell”<\/strong><\/p>\n You may experience the following error when running Powershell Commands:<\/p>\n “File cannot be loaded because the execution of scripts is disabled on this system”<\/em><\/p>\n You can run this command to remove the execution restriction.<\/p>\n Open Connection:<\/strong><\/p>\n Enter admin credentials for required domain:<\/strong><\/p>\n Lock\/Unlock User Account:<\/strong><\/p>\n Configure Mail Forwarding:<\/strong><\/p>\n Configure Send As permissions:<\/strong><\/p>\n In this command line, “admin@example.com” represents the mailbox, contact, or distribution group that you want to grant rights to and is the user who you want to grant Send As rights.<\/p>\n To verify that the permissions are applied:<\/strong><\/p>\n In the results, you should be able to confirm thathas Send As rights granted. These rights can be assigned to a user, mailbox or group Active Directory objects.<\/p>\n Grant full mailbox access, Grant a user full mailbox access to a user other than the mailbox owner:<\/strong><\/p>\n In this command line, “user@example.com” represents the mailbox that you want to grant rights to and “admin@example.com” is the mailbox of the user who you want to grant Full Access rights.<\/p>\n I always get this messed up! the “user” is who’s account you want to access i.e. helpdesk@ support@ etc. The “admin” is the users account who needs the access i.e. dom@ user@ etc. Only users that have Exchange mailboxes can be granted access to other mailboxes. Users who do not have mailboxes receive a permissions error when they try to access the other mailboxes.<\/p>\n Remove Mailbox Access:<\/strong><\/p>\n To verify that the permissions are applied to the mailbox:<\/strong><\/p>\n In the results, you should be able to confirm that <Mailbox2> has Full Access rights granted.<\/p>\n Configure “Send on behalf” permissions, Grant a user the ability to send mail on behalf of another user:<\/strong><\/p>\n In this command line, user@example.com represents the mailbox that you want to grant permissions to and admin@example.com is the mailbox of the user who you want to grant access.<\/p>\n To verify that the “SendOnBehalf” permissions are applied:<\/strong><\/p>\n Find out whether a password is set to never expire:<\/strong><\/p>\n Set a password to never expire (Individual) Set a password expiry (All Users)<\/strong><\/p>\n Powershell Commands <\/strong><\/p>\n Useful URLs:<\/strong><\/p>\n Links:<\/strong><\/p>\n Created Shared mailboxes:<\/strong> With the migration of many BPOS accounts to Office 365 there have been some major changes to the back-end resulting in a different method connecting via PowerShell in order to use command line syntax. To use the PowerShell command line syntax for Office 365 you first need to initiate a connection to the 365 servers: […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[14,40,42],"tags":[],"class_list":["post-916","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-online-services","category-office-365"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pOPt8-eM","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/comments?post=916"}],"version-history":[{"count":3,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/916\/revisions"}],"predecessor-version":[{"id":3672,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/916\/revisions\/3672"}],"wp:attachment":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/media?parent=916"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/categories?post=916"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/tags?post=916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Set-ExecutionPolicy Unrestricted<\/pre>\n
$LiveCred = Get-Credential<\/pre>\n
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https:\/\/ps.outlook.com\/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection<\/pre>\n
Import-PSSession $Session<\/pre>\n
Set-MsolUser -UserPrincipalName user@example.com \u2013blockcredential $false<\/strong><\/pre>\n
Set-MsolUser -UserPrincipalName user@example.com \u2013blockcredential $true<\/strong><\/pre>\n
Set-Mailbox -Identity user@example.com -ForwardingAddress admin@example.com -DeliverToMailboxAndForward $true<\/pre>\n
Add-RecipientPermission -Identity user@example.com -Trustee admin@example.com -AccessRights SendAs<\/pre>\n
Get-RecipientPermission -Identity | Select Trustee, AccessControlType, AccessRights<\/pre>\n
Add-MailboxPermission -Identity user@example.com -User admin@example.com -AccessRights FullAccess -InheritanceType All<\/pre>\n
\nIf an administrator wants to grant a user access to a room mailbox<\/a>, the administrator may want to specify that user as the Owner:<\/p>\nAdd-MailboxPermission -Identity -Owner<\/pre>\n
Remove-MailboxPermission user@example.com -User admin@example.com -AccessRights FullAccess -InheritanceType All<\/pre>\n
Get-MailboxPermission -Identity user@example.com | Select User, AccessRights, Deny<\/pre>\n
Set-Mailbox -Identity user@example.com -GrantSendOnBehalfTo admin@example.com<\/pre>\n
Get-Mailbox -Identity admin@example.com | Select GrantSendOnBehalfTo<\/pre>\n
Get-MSOLUser -UserPrincipalName admin@example.com | Select PasswordNeverExpires<\/pre>\n
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires<\/pre>\n
\n<\/strong><\/p>\nSet-MsolUser -UserPrincipalName user@example.com -PasswordNeverExpires $true<\/strong><\/pre>\n
Set-MsolUser -UserPrincipalName user@example.com -PasswordNeverExpires $false<\/strong><\/pre>\n
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true<\/strong><\/pre>\n
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $false<\/strong><\/pre>\n
\n
\n
\nNote: This code needs some further work in order to actually create a shared mailbox, but it provides enough of the command line to google a guide.<\/p>\nAdd-MailboxPermission \"support@domain.com\" -User supportMailbox_SG@domain.com -AccessRights FullAccess<\/pre>\n","protected":false},"excerpt":{"rendered":"