Deep Dive Into Office 365 PowerShell Cmdlets (Part 4)

/* Nirmal Sharma*/ /*">Nirmal Sharma*/ /*Nirmal Sharma*/ Posted On June 13, 2016
0
4 Views


If you would like to read the other parts in this article series please go to:

Introduction

Before you can run any Office 365 PowerShell cmdlets, you will be required to connect to an Office 365 subscription. As stated in the Part II of this article series, you can use Connect-MsolService PowerShell cmdlet. Once you have connected to an Office 365 Subscription, you can use Office 365 PowerShell cmdlets to perform common tasks. In part 3, we explained some useful Get-MsolUser PowerShell commands to get information about Office 365 users.

Get-MsolUser Cmdlet and Properties

Get-MsolUser cmdlet supports a number of user properties. Apart from using “IsLicensed” property, the other properties that I use in my daily operational tasks are explained in the table below. The below table does not list all the properties supported by the Get-MsolUser cmdlet, but the common user properties that you might find useful.

Property When to use Property
AlternateEmailAddresses Displays the alternate email address assigned to an Office 365 user.
Department As the property name suggests.
DisplayName Display Name of the user. This property is required when creating a new user in Office 365.
IsLicensed Returns TRUE if user is licensed for any Office 365 Plans and FALSE if not licensed.
LastDirSyncTime If you have users synced from On-premises Active Directory, use this property to get the last date and time of the synchronization. In other words, use this property if you are using “Synchronized Identity” deployment approach and you want to know the last synchronization status of a user.
LastPasswordChangeTimestamp Use this property to get date and time of the last password changed for Office 365 users.
LicenseReconciliationNeeded Whether or not the user currently has a mailbox without an Office 365 license. I will explain more about this property in next part of this article series.
Licenses This is a multi-valued property. It contains the Office 365 licenses assigned to the user. I will explain more about Licenses property later in this article series.
LiveId This is the user’s unique ID to log on to Office 365.
MobilePhone As the name suggests.
OverallProvisioningStatus Whether or not the user has been provisioned for Office 365 services.
PasswordNeverExpires Use this property to see if the user is forced to change password every 90 days
StrongPasswordRequired Returns True or False. True indicates that the user is required to set the strong password when they change their password next time.
UsageLocation This is a two letter Country code and must be set in order to assign Office 365 Licenses. So it is fairly simple to understand that an Office 365 user must be assigned with a UsageLocation before the user can use the Office 365 services.
UserPrincipalName As the name suggests.
WhenCreated The creation date of the user.

Table 1

Tip:
You can use above properties with Get-MsolUser cmdlet and export the output in a CSV file by adding “Export-CSV <CSV file name> -NoTypeInformation”. However, it is important to note that when exporting the output to a CSV file, Get-MsolUser cmdlet exports all properties of a user unless you specify the property names in the command. For example, running below command against an Office 365 Tenant will export values of all properties:

  • Get-MsolUser –All | Export-CSV C:\Temp\Office365Users.CSV -NoTypeInformation

You might not want to see values of all properties of Office 365 users. To make sure only required properties are exported as part of the command, always use “Select-Object” cmdlet with the Get-MsolUser cmdlet as shown in the command below:

  • Get-MsolUser <Parameters> | Select-Object <Property name separated by a comma> | Export-CSV <CSV file name> -NoTypeInformation

For example, if you need to get values for DisplayName, City, UserPrincipalName, IsLicensed, SignInName properties, you will use below PowerShell command:

  • Get-MsolUser –ALL | Select-Object DisplayName, City, UserPrincipalName, IsLicensed, SignInName | Export-CSV C:\Temp\Office365Users.CSV -NoTypeInformation

Get-MsolUser cmdlet Parameters

Get-MsolUser cmdlet supports various parameters that you can use to get a specific type of information for Office 365 users. For example, by using “–EnabledFilter” parameter you can return users that are enabled or disabled. Similarly, you can use “-HasErrorsOnly” parameter to return users that have validation errors. I have compiled a list of Get-MsolUser parameters with examples in the table below:

Parameter

When to use

Example

-EnabledFilter

Use –EnabledFilter parameter to get a list of users that are enabled or disabled. You can use EnabledOnly or DisabledOnly values with –EnabledFilter parameter.

Get-MsolUser –All –EnabledFilter DisabledOnly

Get-MsolUser –All –EnabledFilter EnabledOnly

-DomainName

Use –DomainName parameter to get results for a specific Office 365 domain.

Get-MsolUser –All –DomainName <DomainName>

-ReturnDeletedUsers

Use –ReturnDeletedUsers parameter to get a list of users that were deleted from Office 365, but are still present in the Ofice 365 Recycle bin.

Get-MsolUser –ReturnDeletedUsers

-SearchString

Use –SearchString parameter to search users across Office 365 Tenant.

Get-MsolUser –All –SearchString Dean

Above command returns only users with an email address or display name staring with the “Dean” string.

-Synchronized

Use –Synchronized parameter if you need to return a list of users that are synchronized from On-Premises Active Directory.

Get-MsolUser –All –Synchronized

-UnlicensedUsersOnly

Use –UnlicensedUsersOnly if you wish to see a list of users that are associated with an Office 365 license.

Get-MsolUser –All –UnlicensedUsersOnly

-MaxResults OR -All

By default Get-MsolUser returns 500 results in a command. Use –All parameter to return all results. You can use either –MaxResults or –All parameter.

Get-MsolUser –All –UnlicensedUsersOnly

Get-MsolUser –MaxResults 2000 –UnlicensedUsersOnly

Table 2

You might have noticed the use of “-All” parameter with Get-MsolUser cmdlet in above examples. By default, Get-MsolUser returns a maximum of 500 results in a command. If you wish to perform a Get-MsolUser operation against all Office 365 users in an Office 365 Tenant, you must use “-All” parameter. Although you can specify “-MaxResults” parameter, but I don’t see any use of –MaxResults parameter if you need to perform Get-MsolUser operations against all Office 365 users.

Summary

In this part, we explained user properties and various parameters supported by the Get-MsolUser cmdlet. You can use properties explained above to return property value for a single or all Office 365 users.

In the next part, we will explain common Get-MsolUser commands and how to use Get-MsolUser cmdlet with other cmdlets such as Get-MsolUserRole cmdlet.

If you would like to read the other parts in this article series please go to:

Post Views: 4,433


Home » Cloud Computing » Office 365 » Deep Dive Into Office 365 PowerShell Cmdlets (Part 4)

Author

Nirmal Sharma

Nirmal Sharma is a MCSEx3, MCITP and was awarded the Microsoft MVP award in Directory Services and Windows Networking. He specializes in Microsoft Azure, Office 365, Directory Services, Failover Clusters, Hyper-V, PowerShell Scripting and System Center products. Nirmal has been involved with Microsoft Technologies since 1994. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles on various sites.




Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

  • Featured Product

  • Join Our Newsletter

    Learn about the latest security threats, system optimization tricks, and the hottest new technologies in the industry.

    Over 1,000,000 fellow IT Pros are already on-board, don't be left out!

  • Follow Us


You are reading
Deep Dive Into Office 365 PowerShell Cmdlets (Part 4)
Share No Comment