Azure AD Identities
Managing Users and Groups
Managing Passwords and Password Policies
Self-Service Password Reset
Managing Product Licenses
The course is part of this learning path
Microsoft 365 offers Enterprise Mobility & Security (EMS), Windows 10, and Office 365 to enhance business productivity and security. Because Microsoft 365 offers a variety of services and features, not everything is in the same place. Therefore, we need to navigate within different portals, and familiarity with “what is where” gets really important over time.
In this course, we will have a look at some of the most common tasks to be performed by Microsoft 365 administrators related to Azure AD identities, how to secure your environment by assigning the correct permissions to your users, and how to reduce administrative overhead. We’ll do various tasks in different ways by using the Microsoft 365 Admin Center, the Azure portal, and even use Windows PowerShell for automating bulk actions.
Choosing the right type of identity for your current infrastructure is the first step for any successful Microsoft 365 deployment.
- Plan Azure AD Identities
- Manage Users and Groups
- Manage User Access with Access Reviews
- Manage Passwords and Password Policies
- Implement Self-Service Password Reset (SSPR)
- Manage Product Licenses
- People preparing for Microsoft’s MS-100 exam
- Microsoft 365 Administrators
- Experience with Microsoft 365
- Experience with the Azure portal
- Experience with PowerShell
If you want to manage multiple groups you need to use PowerShell. In this demonstration, we're going to create multiple Office 365 groups. We used the 'Get Credential' commandlet to store our work credentials in a variable called creds, and then we need to connect to exchange online. This is a standard script provided by Microsoft where only the credentials parameter needs to be changed to our variable and in that case will be creds.
Then we need to use the new PSSession and provide our HashTable and the last step will be import PSSession and provide the session variable. You will receive a warning once you're connected to exchange online but you can safely ignore it.
Now that we are connected to exchange online I'm gonna use the 'Connect to Azure AD' and provide my credentials. Now, this is not required but if we want a list of all our groups and not only the groups that are related to exchange online then we need to use the 'Connect to Azure AD' commandlet.
Now let's get a list of all our current groups in Office 365. I'm gonna use the 'Get Azure AD' group and provide the all parameter and in that scenario, I'm just gonna select the display name property.
So we currently have three groups, now's the time to create our new groups. We are going to import the groups from the '.csv file' by using the 'Import-csv' and provide a path and store the values in a variable that's called 'Groups to create'.
First, let's have a look at the csv file and that's a very basic csv file. For the members, I have two different members for the marketing group which are separated by a comma.
Let's go back to the script and because we are creating multiple groups, we'll use the 'foreach' group. So for each group that we have in our groups to create variable, which is our csv file, we'll provide the values for the display name, the alias, the AcessType which can be a private or public, the Owner, and also the Members. See that for the Members I'm using the split parameter and that provides where I want the split to happen. Then, because this is an Office 365 group, we use the new, unified group and provide a HashTable. And now our groups have been created successfully.
Now let's use the exact same csv file to delete those groups. We can use the import csv and provide a path and store that in a different variable called 'GroupsToDelete' Again, we are using a foreach group for each old group that we have in the 'GroupsToDelete' variable. We use the 'Remove-Unifiedgroup' and simply provide the identity for our matter which will be the display name. You may be asked to confirm this by the force parameter. And now by running the 'Get Azure AD' group again, we should be back to the groups we had at the beginning. And indeed we are back to our three groups.
One last thing that's really important is to use the 'Remove-PSSession' before closing the barber shed window because closing the barber shed window will not disconnect you from exchange online. So simply run 'Remove-PSSession' and the session variable and we are now disconnected from exchange online.
Veronique is a SharePoint and Office 365 consultant for an IT company based in Glasgow, UK. She loves photography, the outdoors, and long walks with her two dogs! You can follow Veronique on Twitter @veronicageek or read her blog at https://veronicageek.com.