IT

Connect to all Office 365 services via PowerShell

Posted on by Adam Fowler

I found this great TechNet article and wanted to share:

Connect to all Office 365 services in a single Windows PowerShell window

It’s a greatly described article about how to connect to each Office 365 service – MSOL itself, Exchange Online, Skype For Business, SharePoint Online and the Compliance Center.

If you go through the article, you can set up a script to prompt you once for Office 365 administrator credentials, and connect to each service for a one stop shop on managing your Office 365 environment from PowerShell.

One catch (which is mentioned in the article) is that you’ll need to run PowerShell in Administrator mode, or you won’t be able to import modules. You’ll see an error like:

The specified module 'Microsoft.Online.SharePoint.Online.PowerShell' was not loaded because no valid module file was found in any directory.

If you aren’t sure if you’re in Administrator or User mode, the default path prompted in the PowerShell window will be “PS C:\users\username>” for User mode, and “PS C:\Windows\system32>” for Administrator mode (along with the word “Administrator” in the PowerShell window title.

I’m only new to Office 365, but I’ve found the GUI via the web for user management rather basic – I can’t do simple tasks such as search for users on a specific domain, then add them to a group. PowerShell is absolutely necessary if you want to manage Office 365.

Create A Custom Email Address for External Office 365 Users

Posted on by Adam Fowler

With SharePoint Online, you can create sites that external users can log into and access. This is great for things like sharing documents, with a lot more functionality than a plain file download and upload like Dropbox.

Unfortunately, there isn’t an easy way to create a manual user, but have notifications go to their external email address. When you create a user in Office 365 or Azure AD, they have to be set up with one of your valid, owned domains.

There is a way to modify the ‘Work Email’ field of a cloud user, which is then used by SharePoint Online to send notifications and updates to whatever address they want – but at the time of writing this, can’t be done via the webpage GUI, nor by native PowerShell commands.

There is a way though, thanks to a script written by Ivan Yankulov called “Script to Write and Get User Profile Properties in SharePoint Online with CSOM

The script uses the API’s of SharePoint Online to make changes to users, but read Ivan’s explanation of it on his blog if you’re interested in understanding how it works.

 

These instructions assume you’ve already created the user in Office 365/Azure AD.

Log on to SharePoint Online as user: http://yourwebsite.sharepoint.com

Install SharePoint Online Client Components SDK

Download script Script to Write and Get User Profile Properties in SharePoint Online with CSOM

To get user’s details (need to be an Office 365 Global admin, and use standard PowerShell to launch the .ps1 file from the script above):

.\Get-SPOUserProfileProperty.ps1 -accountname “[email protected]” -spoadminportalurl “https://yourdomain-admin.sharepoint.com” -username [email protected] – password xxx

If you don’t specify the password in the command line, it will prompt for credentials (which is fine). This will make sure things are working, and you’ll see all the fields of that user

To set user’s details:

.\set-SPOUserProfileProperty.ps1 -propertyname WorkEmail -accountname “[email protected]” -value [email protected] -spoadminportalurl “https://yourdomain-admin.sharepoint.com” -username [email protected] -password xxx

This is fine on a single user basis, but can also be scripted:

$data = import-csv -path C:\Temp\userdetails.csv
foreach ($user in $data){
.\set-SPOUserProfileProperty.ps1 -propertyname WorkEmail -accountname $user.UserPrincipalName -value $user.EmailAddress -spoadminportalurl “https://yourdomain-admin.sharepoint.com” -username [email protected] -password xxx
}

The password is specified in this script because you’ll be prompted for the password on every single user change. You can always save this script, add your password, run the script but not save the changes.

The CSV file used is the same as my last article Office 365 and PowerShell Cloud User Creation

DisplayName,FirstName,LastName,Password,EmailAddress,UserPrincipalName
Richard Sole,Richard,Sole,ILovePSv4,[email protected],[email protected]

If you have any issues getting the above working, feel free to ask in the comments below.

Office 365 and PowerShell Cloud User Creation

Posted on by Adam Fowler

Getting started with Office 365 and Powershell can be a bit confusing, partly because so many aspects have changed in a short time. This is really for my own notes, but I’ve made it generic and may help others:

Here’s a very brief rundown on how to set yourself up and start creating cloud users. For internal users, DirSync/AzureAD is a much better option, but you may have requirements for external parties to access your Office 365 environment in some way.

Install Microsoft Online Services Sign-In Assistant for IT Professionals

Install Azure AD Module

Launch Azure Active Directory PowerShell

Test connectivity to Azure/Office365 by adding account using command “connect-msolservice” – will get prompted for credentials.

Check you’re connected with a command such as “Get-MsolCompanyInformation”

Create a CSV with your users such as this:

DisplayName,FirstName,LastName,Password,EmailAddress,UserPrincipalName
Richard Sole,Richard,Sole,ILovePSv4,[email protected],[email protected]

Run this script which will prompt for Azure credentials. This one is hardcoded for the AU region, but can be added as a variable to the CSV.

Connect-MsolService
$data = import-csv -path C:\Temp\myusers.csv
foreach ($user in $data){
New-MsolUser -FirstName $user.FirstName -DisplayName $user.DisplayName -LastName $user.LastName -Password $user.Password -UserPrincipalName $user.UserPrincipalName -UsageLocation AU
}

Users are now created in Office 365!

You can store the credentials to be used, or use a certificate – this Azure article shows how https://azure.microsoft.com/en-us/documentation/articles/powershell-install-configure/

 

My Trip To Sydney’s Vivid Festival

Posted on by Adam Fowler

Thanks to Intel, I was invited to see and experience the Vivid Sydney light festival.

Intel are the main sponsor of Vivid Sydney, and have been for the last 5 years. Not being from Sydney, I really didn’t know much about what Vivid even was (which was evident when I asked what time during the day I should be there for, when it’s a nighttime light event), I’m glad I found out about it.

Vivid’s slogan is ‘Lights, Music, Ideas’ which is rather accurate, but should also include ‘Technology’. Scattered around the Sydney CBD are dozens of things to see and experience – the Vivid website lists several.

Although structures like the Sydney Opera House and The University Of Sydney were incredibly impressive, I was sent across to see what Intel was doing behind the scenes to power it all, as well as checking out what cool things they had on display.

WP_20150528_20_44_53_Pro

The first thing I saw was a demo of Intel’s RealSense technology, as shown by CNET Australia thanks to Claire Reilly. The technology uses three different cameras on your computing device for proper 3D imaging. Sheldon is involved somehow, so it must be good (also check that link for lots of cool things this technology can do). The tech demo could accept a few gestures, and showed a 3D rendering of the object placed in front of it (usually someone’s face). One of the highly useful implementations of this technology will be Windows 10 support for logging in, which can’t be fooled with a 2D photo of someone – this was a fundamental flaw in using a single camera to take a photo of someone’s face for a ‘secure login’.

WP_20150528_18_06_10_Pro

After this demo, I got to fly a drone in ‘Game Of Drones‘. Disappointingly for me, the exhibit was going under a bit of work, which meant I had the joy of flying up or down. Hopefully others had a few more controls than this! Drones are of course fun, but Intel had linked them together and had them talking back to a centralised system (powered by Intel of course) which made sure they wouldn’t bump into each other. I was ready to take on @BeauGiles too, but alas our drones were never to meet.

WP_20150528_20_02_06_Pro

WP_20150528_18_19_42_Pro

A lot of what was happening behind the scenes at Vivid Sydney was powered by Intel, but you’d have no idea it was the case. One example I was told about, was that many of the boats in the harbour had been set up with an Intel Galileo board and a bunch of lights. The board was programmed to recognise where the boat was in the harbour, and change the light colour accordingly. A rather effective result from a simple little idea.

While being treated to VIP access ginger beers, a woman walked by who caught my eye. This was because she was wearing a rather fetching suit, that lit up when she breathed. Again, this was powered by an Intel chip of some sort – it was a bit rude to stare to try and work that out. But the robot woman (which is what I called her, unsure on how much was human vs robot) at least posed for a picture before crushing mankind:WP_20150528_19_14_57_Pro

It was a really fun event, which had so much effort put into it from behind the scenes. I can imagine the amount of hours put in from artists, technicians and all the other roles required to make such an event happen. Sydney, you’re a very lucky city for having it! Thanks again Intel for letting me experience Vivid Sydney.

How To Launch A URL In Google Chrome

Posted on by Adam Fowler

How To Launch A URL In Google Chrome

When your default browser isn’t Google Chrome, how do you force a particular link to always open in it?

We want to open a particular URL in Google Chrome, but the default browser is Internet Explorer. Most company apps either support or require Internet Explorer, so we don’t want to change the default browser – but one app works better in Chrome.
URI Schemes are required to make this work.

Applies To: Windows 10

Scenario:
We want to open a particular URL in Google Chrome, but the default browser is Internet Explorer. Most company apps either support or require Internet Explorer, so we don’t want to change the default browser – but one app works better in Chrome.

We could create a desktop shortcut using chrome.exe -url http://webpage.com, but the site is also linked from our Intranet – how do we get the link to always launch in the preferred browser?

 

Update 21st Dec 2016

Updates to Chrome seem to have broken this. Thanks to Chris Done for working with me on this fix:

1.Add the String Value of “URL Protocol” with a blank value to:

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\] or [HKEY_CLASSES_ROOT\Chrome]
(they’re one and the same)
“URL Protocol”:””

2. Modify the value of

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\open\command\Default]
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” — %1

3. Use a space in the URL after the // you’re using for your link:

ChromeHTML:// adamfowlerit.com

4. Create this key to remove the prompt on opening the link:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ProtocolExecute\ChromeHTML]
“WarnOnOpen”=dword:00000000

Here’s the registry settings you can copy and paste into a .reg file and import:

Copy from the next line

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML]
@=”Chrome HTML Document”
“URL Protocol”=””

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\DefaultIcon]
@=”C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe,0″

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\open\command]
@=”\”C:\\Program Files (x86)\\Google\\Chrome\\Application\\Chrome.exe\” — %1″

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ProtocolExecute\ChromeHTML]
“WarnOnOpen”=dword:00000000

Copy stops above this line

End of update 21st Dec 2016

Answer:
URI Schemes. Any program can be launched using a protocol (you can see which ones you already have in Windows under Control Panel > Default Programs > Associate a file type or protocol with a program > Scroll past all the extensions down to the protocols.

You may have something like ‘MAILTO’ which is used in the format “Mailto:”. Type that into your browser and it will either launch a new email from your default mail client, or ask you to set a default mail client.

Some apps automatically create their own protocol, but you can also create your own through registry entries. Details from MSDN are available here.

Luckily for Chrome, this is already done for you, using ChromeHTML. This means you should be able to call Chrome with “ChromeHTML:” and insert the URL you want after it to open – except it doesn’t work. Chrome will open, but no URL is passed over.

A user has logged this bug with Google several months ago, it hasn’t been fixed. There is a workaround though, that can easily be done via group policy to change a local registry setting.

As this user mentions, a quote needs to be taken out of the following registry key, so it looks like this:

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\open\command]
@="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" -- %1"

The quote removed was before the % sign.

Once this is done, the ChromeHTML protocol can be used with a URL, as long as it’s in this format:

ChromeHTML:// google.com

Note the space after the slashes.

The next issue you will notice, is that Internet Explorer will most likely prompt when launching the URL, asking ‘Do you want to allow this website to open a program on your computer?’ – there is a tickbox you can remove to ‘Always ask before opening this type of address’ but this can also be suppressed via the registry.

Snapcomms have an article on how to do it with their product, but the same rules apply for Google Chrome, as long as you use the right key:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ProtocolExecute\ChromeHTML]
“WarnOnOpen”=dword:00000000

Once this key exists, the prompt will no longer show for that particular protocol.

That’s it, now you can use a URL link such as “ChromeHTML:// adamfowlerit.com” on your intranet page to launch the website of your choice in Chrome browser.

Update 22nd January 2018

This issue has been marked as ‘Wont fix’ by the Chromium team. This means potentially, they may ‘break this/remove this/anything could happen’ in the future. Please be aware that you’re now doing something unsupported by Google. In November they removed more of the functionality that made this work, for reasons I can’t quite understand!