This script has been developed for a custom project with the following requirements:
The script utilizes a self developed C# command line tool, which has been published as open source at Github. The ResizeImage Wiki explains the usage of the command line tool. The application's configuration controls the target size and an optional pixel based offset.
Maybe the script will be useful in your project as well.
The code samples utilize the following folder structure:
# EXAMPLE # Resize photos stored in the default PictureSource folder for Exchange On-Premises (648x648) and write images to user mailboxes .\Set-UserPictures.ps1 -ExchangeOnPrem # EXAMPLE # Resize photos stored on a SRV01 share for Exchange Online and save resized photos on a SRV02 share .\Set-UserPictures.ps1 -ExchangeOnline -PictureSource '\\SRV01\HRShare\Photos' -TargetPathExchange '\\SRV02\ExScripts\Photos' # EXAMPLE # Resize photos stored in the default PictureSource folder for Active Directory (96x96) and write images to user thumbnailPhoto attribute .\Set-UserPictures.ps1 -ActiveDirectory # EXAMPLE # Resize photos stored in the default PictureSource folder for Intranet (150x150) .\Set-UserPictures.ps1 -Intranet
You sometimes need some (or even many) test user objects in Active Directory.
This script helps you create any number of test users in your Active Directory domain, which you can easily enable for on-premises or remote mailboxes afterward.
# Number of user accounts to create $UserCount = 5 $RandomPassword = $true $DefaultPassword = 'Pa55w.rd' # User name prefix # New user object will be named TestUser1, TestUser2, ... $TestUserPrefix = 'TestUser' # User object properties $GivenName = 'Test' $Surname = 'User' $Company = 'Varunagroup' $JobTitle = @('Junior Consultant','Senior Consultant','Technical Consultant','Business Consultant') $PreferredLanguage = 'de-DE' # Name of the new organizational unit for test user object $TestOU = 'Test User' # Target OU path where the script creates the new OU $TargetOU = 'OU=IT,dc=varunagroup,dc=de' # Import Active Directory PowerShell Module Import-Module -Name ActiveDirectory # Build OU Path $UserOUPath = ("OU={0},{1}" -f $TestOU, $TargetOU) # Check if OU exists $OUExists = $false try { $OUExists = [adsi]::Exists("LDAP://$UserOUPath") } catch { $OUExists =$true } if(-not $OUExists) { # Create new organizational unit for test users New-ADOrganizationalUnit -Name $TestOU -Path $TargetOU -ProtectedFromAccidentalDeletion:$false -Confirm:$false } else { Write-Warning ('OU {0} exists please delete the OU and user objects manually, before running this script.' -f $UserOUPath) Exit } Write-Output ("Creating {0} user object in {1}" -f $UserCount, $UserOUPath) # Create new user objects 1..$UserCount | ForEach-Object { # Get a random number for selecting a job title $random = Get-Random -Minimum 0 -Maximum (($JobTitle | Measure-Object). Count - 1) # Set user password if($RandomPassword) { # Create a random password $UserPassword = ConvertTo-SecureString -String (-join ((33..93) + (97..125) | Get-Random -Count 25 | % {[char]$_})) -AsPlainText -Force } else { # Use a fixed password $UserPassword = ConvertTo-SecureString -String $DefaultPassword -AsPlainText -Force } # Create a new user object # Adjust user name template and other attributes as needed New-ADUser -Name ("{0}{1}" -f $TestUserPrefix, $_) ` -DisplayName ("{0} {1}" -f $TestUserPrefix, $_) ` -GivenName $GivenName ` -Surname ("$Surname{0}" -f $_) ` -OtherAttributes @{title=$JobTitle[$random];company=$Company;preferredLanguage=$PreferredLanguage} ` -Path $UserOUPath ` -AccountPassword $UserPassword ` -Enabled:$True ` -Confirm:$false }
Use your on-premises Exchange Management Shell to enable all test users with an on-premises mailbox.
$UserOU = 'OU=Test User,OU=IT,dc=varunagroup,dc=de' Get-User -OrganizationalUnit $UserOU | Enable-Mailbox -Confirm:$false
Use your on-premises Exchange Management Shell to enable all test users with a new remote mailbox in Exchange Online. Do not forget to change the tenant name of the remote routing address.
Get-User -OrganizationalUnit 'OU=Test User,OU=IT,dc=varunagroup,dc=de' | %{Enable-RemoteMailbox -Identity $_ -Confirm:$false -RemoteRoutingAddress "$($_.SamAccountName)@TENANT.mail.onmicrosoft.com"}
You find the most recent version of the script at GitHub.
Enjoy.
When using this PowerShell script you can update the guest user's thumbnail photo to a photo that aligns with your company's corporate identity and compliance guidelines, and you do not have to rely on the Azure AD default photo.
# EXAMPLE # Set the photo ExternalUser.png for all guest users if no photo exists .\Set-GuestUserPhoto.ps1 -FilePath D:\Photos\ExternalUser.png -GuestUsersToSelect All -UpdateMode SetIfNoPhotoExists # EXAMPLE # Set the photo ExternalUser.png for guest user JohnDoe@varunagroup.de if no photo exists .\Set-GuestUserPhoto.ps1 -FilePath D:\Photos\ExternalUser.png -GuestUsersToSelect Single -UserPrincipalName JohnDoe@varunagroup.de
This script deletes user from the NoSpamProxy NoSpamProxyAddressSynchronization database table [Usermanagement].[User] table that have not been removed by the NoSpamProxy Active Directory synchronization job.
The script was developed due to a process flaw in how Active Directory accounts are handled as part of a leaver process. So this script does not fix a software bug, but a process glitch.
Due to the Active Directory account process the accounts still exist in Active Directory and are synchronized to the NoSpamProxyAddressSynchronization database.
When executed without the -Delete parameter all identified users are wirtten the log file only.
# EXAMPLE 1 # Check for Active Directory existance of all users stored in NoSpamProxy database. Do NOT delete any users from the database. .\Remove-NspUsers.ps1 # EXAMPLE 2 # Delete users from NoSpamProxy database hosted on SQL instance MYNSPSERVER\SQLEXPRESS that do NOT exist in Active Directory. .\Remove-NspUsers.ps1 -Delete -SqlServerInstance MYNSPSERVER\SQLEXPRESS
This script searches for OOF rules created by users using the Outlook rule-tab in the OOF assistant and deletes exisiting OOF rules.
In preparation to configure compliant Out-Of-Office (OFF) settings for users, any existing OOF rule needs to be deleted. The script will use either an exisiting Exchange Server EWS library or the Managed EWS library installed using the default file path.
This is the first of two scripts for the complete solution. Find the second script here.
The script access the mailbox rules using Exchange Web Services. Therefore the account executing the script either needs to have ApplicationImpersonation rights or full access to the user mailbox.
# EXAMPLE 1 # Find any existing OOF rule and write results to log file Remove-OOFRule # EXAMPLE 2 # Find and delete any existing OOF rules in all user mailboxes and write delete actions to log file Remove-OOFRule -Delete # EXAMPLE 3 # Find and delete any existing OOF rules for user SomeUser@varunagroup.de and write delete actions to log file Remove-OOFRule -Mailbox SomeUser@varunagroup.de -Delete
Rhoderick Milne (https://blogs.technet.microsoft.com/rmilne)
You can block an user from logging on to Office 365 by setting the BlockCredential attribute to $true.
Set-MsolUser -UserPrincipalName myuser@mcsmemail.de -BlockCredential $true
But the MSOL user attribute is reverted to $false, when ADD Connect synchonization cycle runs.
This happens, because the local Active Directory attribute accountEnabled is used to controll the BlockCredential attribute in Azure AD.
If your IT operation requires the ability to have enabled users in your local Active Directory infrastructure and you need to prevent logon to cloud services you need to prevent the accountEnabled attribute from being synchronized to Azure AD. This might not necessarily be a general requirement during normal operations, but might be useful while doing a Proof-of-Concept.
Just exclude the attribute from the Azure Active Directory connector in the Synchronization Service Manager.
The following script disables all users excluding
# Userfilter $UserExceptions = ("Sync_SYNC01_add98768492f@mcsmemail.onmicrosoft.com","SPO-SRV-ACCOUNT@mcsmemail.de","SynchedAdmin@mcsmemail.de") # Fetch synchronized users $DomainAccounts = Get-MsolUser -EnabledFilter EnabledOnly -MaxResults 5000 | Where-Object -Property LastDirSyncTime -ne $null # Select synchronized users not following the pattern ADM*@mcsmemail.de (admin accounts in this case) $DomainAccountsWithoutAdmins = $DomainAccounts | Where-Object -Property UserPrincipalName -notlike "ADM*@mcsmemail.de" # Exclude accounts listed in $UserExceptions $DomainAccountsWithoutAdminsFiltered = $DomainAccountsWithoutAdmins | Where-Object -Property UserPrincipalName -NotIn $UserExceptions # Now block cloud logon for all filtered users ForEach ($User2Block in $DomainAccountsWithoutAdminsFiltered) { Write-Host ('Disabling User: {0}.UserPrincipalName)' -f $User2Block) Set-MsolUser -UserPrincipalName $User2Block.UserPrincipalName -BlockCredential $true }
Enjoy Office 365.
This script imports multiple PST files located in a single directory into a user mailbox or a user mailbox archive.
Due to some filename limitations of the New-MailboxImportRequest cmdlet in reagards to the UNC path, the PST filenames are sanitized. Any unsupported (unwanted) character is removed. You can modify the replacement function as needed. This might be necessary as the PST filenames can be used as target folder names during import.
Original filenames:
Renamed filenames:
When using the FilenameAsTargetFolder switch each PST file is imported into a separate target folder.
After successfully importing a PST file, the PST can optionally be renamed to .imported. This simplifies a re-run of the script in the case that you a lot of PST files for a user or a large number of files as part of archive solution offboarding process.
NOTE: This script utilizes the GlobalFunctions PowerShell module for logging. Please prepare your system for the use of the GlobalFunctions module first.
Steps performed:
Example PowerShell Output
.\Start-MailboxImport.ps1 -Identity JohnDoe -Archive -FilePath "\\ROBERTKWEISS\e$\PSTImport\JohnDoe" -FilenameAsTargetFolder -BadItemLimit 10 -ContinueOnError -SecondsToWait 90 Note: Script will wait 90s between each status check! Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive.pst into the archive. Targetfolder:"Myoldarchive". Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive.pst completed successfully. Import request JohnDoe-Myoldarchive.pst deleted. Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive1.pst into the archive. Targetfolder:"Myoldarchive1". Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive1.pst completed successfully. Import request JohnDoe-Myoldarchive1.pst deleted. Script finished.
This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.