When we use the term “Office 365” the meaning is the part that serves as an “envelope” to all other Office 365 Services/Applications.
This part includes components such as user and group object (Windows Azure Active Directory), Domain name’s management, mail migration, SSO (Single sign on), subscription and license management, etc.
In this article, we will review some popular administrative task using PowerShell.
Article Table of content | Click to Expand
PowerShell | Help & additional information
In case that you are a novice in the PowerShell environment, you can use the following link to get more information about the “first steps” such as: downloading the required PowerShell
software components, how to use the PowerShell console, running a PowerShell script, etc.
| Link Table |
PowerShell Naming Conventions & general information If you want to get more information about the Naming Conventions that we use for this article and get some general tips about: how to work with the PowerShell, read the article: Help and additional information – o365info.com PowerShell articles |
Create remote PowerShell session Before we can use the required PowerShell commands, we need to download and install the Office 365 cmdlets + create remote PowerShell session to Office 365 or Exchange Online. If you need more information about how to create a remote PowerShell session read the following articles: Part 2: Connect to Office 365 by using Remote PowerShell and Part 3: Connect to Exchange Online by using Remote PowerShell |
How to use a PowerShell script Most of the PowerShell articles include a PowerShell script that simplifies the use of the PowerShell commands. If you want to get more information about: How to use a PowerShell script, read the article: Connect to Office 365 and Exchange Online using a script |
PowerShell command and Script languish in more details If you are new to the PowerShell world, you can read more information about PowerShell in Office 365 environment in the article: The Power of PowerShell |
Section A: Office 365 users Password management
Set Password never expired for Office 365 user
PowerShell command Syntax
1 | Set-msoluser –UserPrincipalName <Identity> -PasswordNeverExpires $True |
PowerShell command Example
1 | Set-MsolUser –UserPrincipalName John@o365info.com -PasswordNeverExpires $True |
Disable Password never expired option for a Office 365 user
PowerShell command Syntax
1 | Set-MsolUser –UserPrincipalName <Identity> -PasswordNeverExpires $False |
PowerShell command Example
1 | Set-MsolUser -UserPrincipalName John@o365info.com -PasswordNeverExpires $False |
Set Password never expired for ALL Office 365 users (BulkMode)
PowerShell command Syntax
1 | Get-MsolUser | Set-MsolUser –PasswordNeverExpires $True |
Set a Predefined Password for Office 365 user
PowerShell command Syntax
1 | Set-MsolUserPassword –UserPrincipalName <Identity> –NewPassword <Password> -ForceChangePassword $False |
PowerShell command Example
1 | Set-MsolUserPassword -UserPrincipalName John@o365info.com -NewPassword ww#322x -ForceChangePassword $False |
Set a Predefined Password for Office 365 users imported from a CSV File
Step 1: Export Office 365 users account
PowerShell command Syntax
1 | Get-MsolUser | Select UserPrincipalName|Export-CSV |
Step 2: Set a Predefined Password
1 | Import-CSV |%{Set-MsolUserPassword -userPrincipalName $_.UserPrincipalName –NewPassword -ForceChangePassword $False} |
Example: Step 1: Export Office 365 users account
PowerShell command Example
1 | Get-MsolUser | Select UserPrincipalName|Export-CSV c:\temp\o365users.csv |
1 | Import-CSV C:\Temp\o365users.csv |%{Set-MsolUserPassword -userPrincipalName $_.UserPrincipalName –NewPassword AbcAs123 -ForceChangePassword $False} |
Create new Office 365 user and set a unique temporary password by import the information from CSV file
PowerShell command Example
1 | Import-Csv –Path C:\Temp\Users.csv| ForEach-Object { New-MsolUser -UserPrincipalName $_.UserPrincipalName -FirstName $_.FirstName -LastName $_.LastName -DisplayName "$($_.FirstName) $($_.LastName)" –Password $_.Password –UsageLocation “US” } |
Set a Temporary Password for a specific user
PowerShell command Syntax
1 | Set-MsolUserPassword –UserPrincipalName <Identity> –NewPassword -ForceChangePassword $True |
PowerShell command Example
1 | Set-MsolUserPassword -UserPrincipalName John@o365info.com -NewPassword ww@322x -ForceChangePassword $True |
Set a Temporary Password for all Office 365 users (BulkMode)
PowerShell command Syntax
1 | Get-MsolUser | Set-MsolUserPassword –NewPassword -ForceChangePassword $False |
PowerShell command Example
1 | Get-MsolUser | Set-MsolUserPassword -NewPassword ww#322x -ForceChangePassword $False |
Set Office 365 Password Policy
PowerShell command Syntax
1 | Set-MsolPasswordPolicy -DomainName -NotificationDays –ValidityPeriod |
PowerShell command Example
1 | Set-MsolPasswordPolicy -DomainName o365info.com -NotificationDays 15 -ValidityPeriod 180 |
Display Password settings for all Office 365 users
PowerShell command Syntax
1 | Get-MsolUser | Select UserPrincipalName,PasswordNeverExpires |
Display information about Office 365 Password Policy
PowerShell command Syntax
1 | Get-MsolPasswordPolicy –DomainName |
PowerShell command Example
1 | Get-MsolPasswordPolicy –DomainName o365info.com |
Section B: User Principal Name (UPN) management
Change User login name “(UPN)” for a specific user
PowerShell command Syntax
1 | Set-MsolUserPrincipalname -UserPrincipalName <Identity> -NewUserPrincipalName |
PowerShell command Example
1 | Set-MsolUserPrincipalname -UserPrincipalName John@o365info.onmicrosoFT.com -NewUserPrincipalName John@o365info.com |
Change user login name “(UPN)” for ALL Office 365 users, exclude admin (BulkMode)
PowerShell command Syntax
1 | Get-MsolUser | Where { -Not $_.UserPrincipalName.ToLower().StartsWith(“admin@”) } | ForEach { Set-MsolUserPrincipalName -ObjectId $_.ObjectId -NewUserPrincipalName ($_.UserPrincipalName.Split(“@”)[0] + “@”) } |
Section C: License management
Display information about service that included in Specific license plan
PowerShell command Syntax
1 | Get-MsolAccountSku | Where-Object {$_.SkuPartNumber -eq 'ENTERPRISEPACK'} | ForEach-Object {$_.ServiceStatus} |
Display information about available licenses type
PowerShell command Syntax
1 | Get-MsolAccountSku |
Display information about all users and there licenses type
PowerShell command Syntax
1 | Get-MsolUser -All | FT Displayname,Licenses |
Display information about specific license plan
PowerShell command Syntax
1 | Get-MsolAccountSku | Where-Object {$_.SkuPartNumber -eq 'ENTERPRISEPACK'} |
Display information about Subscription
PowerShell command Syntax
1 | Get-MsolSubscription |FL DateCreated, NextLifecycleDate,SkuPartNumber,Status,TotalLicenses |
Display all Users with license
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -like "True"} | FT DisplayName,licenses,islicensed |
Display all Users without a license
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -like "False"} |
Display information about License Options assigned to User
PowerShell command Syntax
1 | (Get-MsolUser –UserPrincipalName ).Licenses[0].ServiceStatus |
Display information about License Options assigned to ALL Users
PowerShell command Syntax
1 | Get-MsolUser -all | ForEach-Object { "============="; $_.DisplayName; $_.licenses[0].servicestatus } |
Bulk licensing: Assign license by using CSV File
PowerShell command Syntax
1 | Import-CSV –Path <Path> | ForEach-Object { New-MsolUser -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -DisplayName "$($_.FirstName) $($_.LastName)" -LicenseAssignment '' –UsageLocation } |
PowerShell command Example
1 | Import-CSV -Path C:\Temp\User-lic.csv | ForEach-Object { New-MsolUser -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -DisplayName "$($_.FirstName) $($_.LastName)" -LicenseAssignment 'o365info:ENTERPRISEPACK ' -UsageLocation US } |
Assign license by importing from a file + Export to file and save password
PowerShell command Syntax
1 | Import-CSV –Path | ForEach-Object { New-MsolUser -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -DisplayName "$($_.FirstName) $($_.LastName)" -LicenseAssignment '' –UsageLocation } | Export-Csv -Path -NoTypeInformation |
PowerShell command Example
1 | Import-CSV -Path C:\Temp\User-lic.csv | ForEach-Object { New-MsolUser -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -DisplayName "$($_.FirstName) $($_.LastName)" -LicenseAssignment 'o365info:ENTERPRISEPACK ' -UsageLocation US } | Export-Csv -Path c:\temp\users-Password.csv -NoTypeInformation |
Assign license for all the Office 365 that Don’t have license (BulkMode)
Step 1: The first command will display a list of available license type .
PowerShell command Syntax
1 | Get-MsolAccountSku |
Step 2: The second command will be used for assigning the license <Licenses>
1 | Get-MsolUser -UnlicensedUsersOnly | Set-MsolUserLicense -AddLicenses : |
PowerShell command Example
1 | Get-MsolUser -UnlicensedUsersOnly | Set-MsolUserLicense -AddLicenses o365info:ENTERPRISEPACK |
Assign specific service for Office 365 user
Sku Part Number’s reference:
ENTERPRISEPACK Sku:
OfficeSUBSCRIPTION (Office Professional Plus)
MCOSTANDARD (Lync)
SHAREPOINTWAC (Office Web Apps)
SHAREPOINTENTERPRISE (SharePoint online)
EXCHANGE_S_ENTERPRISE (Exchange online)
DESKLESSWOFFPACK Sku:
SHAREPOINTWAC
SHAREPOINTDESKLESS
EXCHANGE_S_DESKLESS
EXCHANGEARCHIVE Sku
EXCHANGE_S_ARCHIVE
1. The first command will display a Display information about service that included in Specific license plan.
PowerShell command Syntax
1 | Get-MsolAccountSku | Where-Object {$_.SkuPartNumber -eq 'ENTERPRISEPACK'} | ForEach-Object {$_.ServiceStatus} |
2. The second command will Create a variable named: $OnlyOffice that will “contain” the values of all disabled services beside Office.
1 | $OnlyOffice = New-MsolLicenseOptions –AccountSkuId -DisabledPlans MCOSTANDARD,SHAREPOINTWAC,SHAREPOINTENTERPRISE,EXCHANGE_S_ENTERPRISE |
3. The third command will assign a license to a user by using the variable the disable all other service beside the Office service.
1 | Set-MsolUserLicense –UserPrincipalName -LicenseOptions $OnlyOffice |
Set location for unlicensed users
PowerShell command Syntax
1 | Get-MsolUser -UnlicensedUsersOnly |Set-MsolUser -UsageLocation US |
Bulk removal of unlicensed users
PowerShell command Syntax
1 | Get-MsolUser -all | Where-Object {$_.isLicensed -ne "true"}| Remove-MsolUser -Force |
Export information about users without a License
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -like "False"} | Export-CSV |
PowerShell command Example
1 | Get-MsolUser | Where-Object {$_.isLicensed -like "False"} | Export-CSV C:\Temp\Unlicensed-Users.csv –NoTypeInformation |
Section D: Usage location management
Set Usage location for Specific user
PowerShell command Syntax
1 | Set-MsolUser –UserPrincipalName –UsageLocation |
PowerShell command Example
1 | Set-MsolUser -UserPrincipalName user@o365info.com -UsageLocation US |
“fix” Usage location for Office 365 users
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.usagelocation –ne “”} | Set-MsolUser -UsageLocation "" |
PowerShell command Example
1 | Get-MsolUser | Where-Object {$_.usagelocation -ne "US"} | Set-MsolUser -UsageLocation "US" |
Set Usage location for un-licensed Office 365 users
PowerShell command Syntax
1 | Get-MsolUser -UnlicensedUsersOnly | Set-MsolUser –UsageLocation |
PowerShell command Example
1 | Get-MsolUser -UnlicensedUsersOnly | Set-MsolUser -UsageLocation US |
Set Usage location to users from specific department
PowerShell command Syntax
1 | Get-MsolUser | Where {$_.Department –eq “”} |Set-MsolUser -UsageLocation |
PowerShell command Example
1 | Get-MsolUser | Where {$_.Department –eq “mrkt"} |Set-MsolUser -UsageLocation US |
Section E: Display and Export information about Office 365 environment
Display a list of Office 365 users
PowerShell command Syntax
1 | Get-MsolUser |
Display a list of Office 365 Global Administrators
PowerShell command Syntax
1 | Get-MsolRoleMember –RoleObjectId .ObjectId | Select DisplayName,EmailAddress |
PowerShell command Example
1 | Get-MsolRoleMember -RoleObjectId “Company Administrator”.ObjectId | Select DisplayName,EmailAddress |
Display list of services assigned to user
PowerShell command Syntax
1 | Get-MsolUser -all | ForEach-Object { "============="; $_.DisplayName; $_.licenses[0].servicestatus } |
Display list of users and their currently License
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -eq "TRUE"} | Select Displayname,Licenses |
Find users UPN with a specific Domain name suffix
PowerShell command Syntax
1 | Get-MsolUser –DomainName | FT UserPrincipalName |
PowerShell command Example
1 | Get-MsolUser -DomainName o365info.com | FT UserPrincipalName |
Display a list of user from a specific department
PowerShell command Syntax
1 | Get-MsolUser | Where {$_.Department -eq ""} |
PowerShell command Example
1 | Get-MsolUser | Where {$_.Department -eq "Mrkt"} |
Export list of users and their License to: CSV file
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -eq "TRUE"} | Select Displayname,Licenses |
PowerShell command Example
1 | Get-MsolUser | Where-Object {$_.isLicensed -eq "TRUE"} | Select Displayname,Licenses > c:\temp\Licenses.txt |
Export information about Office 365 users mailbox to CSV file | Export list of all Office 365 users
PowerShell command Syntax
1 | Get-MsolUser | Select DisplayName,FirstName,LastName,UserPrincipalName,MobilePhone,PhoneNumber,Office,Fax,StreetAddress,PostalCode,City,Country,State,Department, IsLicensed ,PreferredLanguage , Title , UsageLocation | Export-CSV |
Export information about Office 365 users mailbox to CSV file | Export list of all Office 365 users with License
PowerShell command Syntax
1 | Get-MsolUser | Where-Object {$_.isLicensed -eq "TRUE"} | Export-CSV |
Export information about Office 365 users mailbox to CSV file | Export list of all Office 365 users without License
PowerShell command Syntax
1 | Get-MsolUser -UnlicensedUsersOnly | Export-CSV |
Export list of o365 users UPN + Email Address to: HTML file
PowerShell command Syntax
1 | $htstyle = “ |
” Get-MsolUser | Select UserPrincipalName,FirstName,LastName,DisplayName,@{Name=“ProxyAddresses”;Expression={$_.ProxyAddresses | ForEach-Object {$_.tostring() + “`n”}}} | ConvertTo-Html -head $htstyle -Body “Office 365 users list” | Out-File c:\temp\o365users.htm
Section F: Office 365 Recycle bin
Delete Office 365 User Account
PowerShell command Syntax
1 | Remove-MsolUser –UserPrincipalName |
PowerShell command Example
1 | Remove-MsolUser –UserPrincipalName John@o365info.com |
Delete Office 365 User Account Without a license (BulkMode)
PowerShell command Syntax
1 | Get-MsolUser -all | Where-Object {$_.isLicensed -ne "true"}| Remove-MsolUser -Force |
Restore Deleted User account by using the User UPN
PowerShell command Syntax
1 | Restore-MsolUser –UserPrincipalName -AutoReconcileProxyConFLicts -NewUserPrincipalName |
PowerShell command Example
1 | Restore-MsolUser -UserPrincipalName user1@o365info.com -AutoReconcileProxyConFLicts -NewUserPrincipalName user1@o365info.com |
Restore Deleted User account by using the User GUID
PowerShell command Syntax
1 | Restore-MsolUser –ObjectId -AutoReconcileProxyConFLicts -NewUserPrincipalName |
PowerShell command Example
1 | Restore-MsolUser -ObjectId b9e82087-ad92-4632-a219-d779c29d2edd -AutoReconcileProxyConFLicts -NewUserPrincipalName user1@o365info.com |
Delete (Remove) Specific user account from the Recycle bin
PowerShell command Syntax
1 | Remove-MsolUser -ObjectId -RemoveFromRecycleBin –Force |
PowerShell command Example
1 | Remove-MsolUser -ObjectId b9e82087-ad92-4632-a219-d779c29d2edd -RemoveFromRecycleBin –Force |
Delete (Remove) ALL user account from the Recycle bin (BulkMode)
PowerShell command Syntax
1 | Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin –Force |
Display a list of ALL deleted User accounts
PowerShell command Syntax
1 | Get-MsolUser -ReturnDeletedUsers | FL UserPrincipalName,ObjectID |
Display information about Specific deleted User account
PowerShell command Syntax
1 | Get-MsolUser –ReturnDeletedUsers –SearchString | FL UserPrincipalName, ObjectID |
PowerShell command Example
1 | Get-MsolUser –ReturnDeletedUsers –SearchString user1@o365info.com | FL UserPrincipalName,ObjectID |
Delete Office 365 User Account
PowerShell command Syntax
1 | Remove-MsolUser –UserPrincipalName |
PowerShell command Example
1 | Remove-MsolUser –UserPrincipalName John@o365info.com |
PowerShell command syntax – Office 365 | Article series index
It is important for us to know your opinion on this article
Just an FYI – at present, if you set PasswordNeverExpires for an account to $true, then the user can’t change their password in OWA. They will get a message along the lines of “Sorry, you can’t change your password here. Contact your administrator.”
The fix seems to be to set the domain’s password policy (Set-MsolPasswordPolicy) so that passwords expire far into the future (9999 days is good), then set PasswordNeverExpires to $false. This will allow users to change their password if they want, but won’t force them to any time soon.
Hi, I need to move all of our users from one licence type to another. Any ideas how we can do that? I think we need to remove their licences then re-add them. Unfortunately I couldn’t find exactly what I needed on here.
Set-MsolUserLicense -UserPrincipalName [email protected] -AddLicenses
“contoso:ENTERPRISEPACK” -RemoveLicenses “contoso:Standardpack”
I know, its a very old post, however if someone reads it today will get the ans.
I like to know how many user change password from the next logon?
Hi All,
How can I export out those user account is been disabled from office 365 into cvs files?