Tag: powershell

How to Enable Multi-Factor Authentication (MFA) Office 365 with Powershell ?

Yusuf Ustundag 1 Comment

You can use Microsoft’s free Multi-Factor Authentication (MFA) application to further increase the security of your Office 365 users in your organization.
Of course, for this, your organization must have minimum Azure AD, Microsoft 365 and Microsoft 365 license types.

For more, you can visit the addresses below;

Secure user sign-in events with Azure AD Multi-Factor Authentication
Set up multifactor authentication for Microsoft 365
Multifactor authentication for Microsoft 365
Features and licenses for Azure AD Multi-Factor Authentication

If you want to enable MFA for all or some of your users in your organization, you can follow the steps below;
Method 1: You can access the MFA area via the console and take action for users.
Login to Office 365 Admin Center –> Active Users –> Multi-factor authentication

 

Method 2: You can do it using Connect-MsolService cmdlet powershell commands.
You can use three different methods, “EnablePerUserMFA”, “BulkImportEnable” and “EnableAllUserMFA”.

#ConnectMsolService Connect-Msolservice #EnablePerUserMFA $user = "alias@domainname"
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = "Enabled"
$sta = @($st) Set-MsolUser -UserPrincipalName $user -StrongAuthenticationRequirements $sta

If you want to enable MFA for more than one user or certain departments;
First we organize your users in csv file type

UserPrincipalName
alias1@domainname
alias2@domainname
alias3@domainname
alias4@domainname
alias5@domainname
alias6@domainname
#BulkImportEnable $users = Import-Csv "C:\Temp\MFAEnable.csv" foreach ($user in $users) { $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $st.RelyingParty = "*" $st.State = "Enabled" $sta = @($st) Set-MsolUser -UserPrincipalName $user.UserPrincipalName -StrongAuthenticationRequirements $sta } Write-Host "Script is Running.." Read-Host -Prompt "Script is Completed, Press Enter to Exit."
#EnableAllUserMFA $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $st.RelyingParty = "*" $st.State = "Enabled" $sta = @($st) Get-MsolUser -All | Set-MsolUser-StrongAuthenticationRequirements $sta

Have a nice day !

How to Change User Role “Manage Teams”

Yusuf Ustundag 1 Comment

If you want to change the roles of the members of the team groups you have, you can usually use the Teams Admin Panel.

Manage Team Settings

In cases where there are too many members in the group you want to change roles, it may not be efficient to do this from the management console, or you may not see the action taken.

The next thing to do is to use Teams Powershell commands.

First of all, we use the get-team cmdlet to see the properties of the group.

Get-Team -DisplayName "Group Name"

We need to use the Get-TeamUser cmdlet to view the members of the group, but it needs “GroupId” information to use it.

Get-Team -DisplayName "Group Name" | select GroupID

Get-TeamUser -GroupId "419XXX-XXfc-XX6-bXX9-XXXX2ae8a"

We need to use the Add-TeamUser or Remove-TeamUser cmdlet to change roles.

Add-TeamUser -GroupId "419XXX-XXfc-XX6-bXX9-XXXX2ae8a" -User yusuf@yusufustundag.com -Role Owner

or

Remove-TeamUser -GroupId "419XXX-XXfc-XX6-bXX9-XXXX2ae8a" -User yusuf@yusufustundag.com -Role Owner

 

Have a nice day !

How to Find Servers are Using VMXNET3 Adapter

Yusuf Ustundag 1 Comment

If you want to list the adapters used by the virtual servers in your VMware virtualization platform, you can use the commands below.

By the way first of all you need to connect to vCenter and vmware tools must also be installed on your virtual servers.

For example to list servers with VMXNET3 adapters;

Get-Vm | Get-NetworkAdapter | Where-object {$_.Type -eq "Vmxnet3"} | Select @{N="VM";E={$_.Parent.Name}},Name,Type

 

For example to list servers without VMXNET3 adapters you can changing the -eq parameter;
Get-Vm | Get-NetworkAdapter | Where-object {$_.Type -ne "Vmxnet3"} | Select @{N="VM";E={$_.Parent.Name}},Name,Type

 

If you want to export these lists into .csv file usage Export-Csv command;
Export-Csv C:\VMXNET3_Adapter.csv -NoTypeInformation

The final state of the command;

Get-Vm | Get-NetworkAdapter | Where-object {$_.Type -eq "Vmxnet3"} | Select @{N="VM";E={$_.Parent.Name}},Name,Type | Export-Csv C:\VMXNET3_Adapter.csv -NoTypeInformation

Have a nice day !

How to Connect VMware from Powershell

Yusuf Ustundag 3 Comments

I know it sounds like a very simple process.It is usually told that you can open the powershell application and access it with the “Connect-VIserver” command sets.
This information is correct but incomplete because the need to required install the powershell module.

Install-Module -Name VMware.PowerCLI

If you have installed the module, you can now connect to VMware vCenter via Powershell.

Connect-VIserver -Server vCenter -Port 443

If you get an error like the one below while connecting, you can use the command below to ignore the warning.

Error: Invalid server certificate. Use Set-PowerCLIConfiguration to set the value for the InvalidCertificateAction option to Prompt if you’d like to connect once or to add a permanent exception for this server. Additional Information: Could not establish trust relationship for the SSL/TLS secure channel with authority

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

Now you can connect

Have a nice day !

How to Find Local Group Members from Remote Servers

Yusuf Ustundag 2 Comments

If you need to list local group members belonging to remote servers , you can use two different powershell commands below.

By the way If the Windows Remote Management (WinRM) service is turned off on your remote servers, “Invoke-Command” doesn’t work.

$Servers = Get-Content C:\Temp\BulkServers.txt
Foreach ($Server in $Servers)
{
Invoke-Command -ComputerName $Server -ScriptBlock {Get-LocalGroupMember -Group "Remote Desktop Users"} | Select PSComputerName,Name
}

or

$Servers = Get-Content C:\Temp\BulkServers.txt
Foreach ($Server in $Servers)
{
$Groups = Get-WmiObject Win32_GroupUser –Computer $Server
$RDPUsers = $Groups | Where GroupComponent –like '*"Remote Desktop Users"'

Write-Host "Server: $Server"
Write-Host " "
$RDPUsers |% {
$_.partcomponent –match ".+Domain=(.+)\,Name=(.+)$" > $null
$matches[1].trim('"') + "\" + $matches[2].trim('"')
}
Write-Host " "
}

To list other group members, simply change the “Remote Desktop Users” group information.

Have a nice day !

How to Bulk Add DNS A Records

Yusuf Ustundag Leave a comment

If you want to add A records in bulk, you must first edit the A records you want to add as a “.csv” file.

Then it will be enough to run the following powershell line.

Import-Csv .\dns.csv | ForEach-Object { Add-DnsServerResourceRecordA -Name $_.Name -IPv4Address $_.IPv4Address -ZoneName yusufustundag.com -ComputerName PDC -CreatePtr}

If you want to check the A records run the following powershell line.

Get-DnsServerResourceRecord -ZoneName yusufustundag.com -RRType A

Have a nice day!

How to Move Exchange Queue

Yusuf Ustundag Leave a comment

If you need to move the Exchange queue , you can follow the steps below.

1-Suspend Message Queue
Get-Message -Server ExcSrv | Suspend-Message

2-Export Suspend Message
Get-Message -Server ExcSrv | ForEach-Object {$Temp="E:\Export\"+$_.InternetMessageID+".eml";$Temp=$Temp.Replace("<","");$Temp=$Temp.Replace(">","");Export-Message $_.Identity | AssembleMessage -Path $Temp}

3-It is sufficient to move the exported mails to the Replay folder to enable resending.
Path –> “Exchange Server\V15\TransportRoles\Replay”

Note : Run Exchange Management Shell as an Administrator .

Have a nice day!