Powershell Cheat sheet
Powershell Cheat sheet
List all mailboxes with a forwardingaddress set
Get-Mailbox | Where-Object {$_.ForwardingSMTPAddress -ne $null} | Select-Object DisplayName,PrimarySMTPAddress,ForwardingSMTPAddress,Whencreated
Get MFA status
Get-MsolUser -all | Select-Object DisplayName,UserPrincipalName,@{N="MFA Status"; E={ if( $_.StrongAuthenticationRequirements.State -ne $null){ $_.StrongAuthenticationRequirements.State} else { "Disabled"}}}
Teamsgroup export with membercount, owners, whencreated etc
Write-Output "DisplayName;Address;Owner;Members;WhenCreated;WhenChanged" | Out-File C:\temp\groups.csv
$groups = Get-UnifiedGroup
foreach($group in $groups)
{
$owner = (Get-UnifiedGroupLinks "$($group.DisplayName)" -LinkType Owner).Name -join "|"
$memberCount = (Get-UnifiedGroupLinks "$($group.DisplayName)" -LinkType member).count
"$($group.DisplayName)" + ";" + "$($group.PrimarySMTPAddress)" + ";" + $owner + ";" + $memberCount + ";" + "$($group.WhenCreated)" + ";" + "$($group.WhenChanged)" | out-file C:\temp\groups.csv -Append
}
List all users and the assigned plans including when it was assigned. Export to CSV
Get-AzureADUser | Select-Object displayName -ExpandProperty assignedplans | Export-Csv C:\slask\test2.csv -NoTypeInformation -Encoding UTF8
Or you can match one serviceplan from https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-service-plan-reference
Get-AzureADUser | Where-Object {$_.AssignedPlans.ServicePlanId -match "d5156635-0704-4f66-8803-93258f8b2678"} | Select-Object displayName -ExpandProperty assignedplans | Where-Object {$_.Serviceplanid -match "d5156635-0704-4f66-8803-93258f8b2678"} | Export-Csv C:\slask\test.csv -NoTypeInformationCheck when licenses were assigned (actually when the service was assigned)
List available Account SKUIDs (licenses)
Get-MsolAccountSku
List all services enabled for a user with a specific license
((Get-MsolUser -UserPrincipalName "[email protected]").Licenses | Where-Object {$_.AccountSkuId -match "<AccountSku>"}).ServiceStatus
Re-enable services for an account (all)
$licenseObject = New-MsolLicenseOptions -AccountSkuId "<AccountSku>"
Set-MsolUserLicense -UserPrincipalName "[email protected]" -LicenseOptions $licenseObject
Convert GUID to ImmuteableId
And vice versa...
GUID -> ImmuteableId
[Convert]::ToBase64String([guid]::New("87475e6b-319f-431e-a283-cbba08afb1ee").ToByteArray())
ImmutableId -> GUID
[Guid]([Convert]::FromBase64String("a15Hh58xHkOig8u6CK+x7g=="))
Installing the module
Install-Module PowershellGet -Force
Install-Module Microsoft.Graph
Interactive Connection
This will open up your default browser and ask you to sign in. This will grant permission of the user
Connect-MgGraph

Interactive login with limited scope
For example, only requesting permissions for User.Read.All
Connect-MgGraph -Scopes User.Read.All
Non interactive with certificate
Starting the migrate from the old modules
Finding the right command
Finding the right command based on old cmdlet
Finding the right command based on URL from the Api
Searching user by UserPrincipalName
Get-Mguser -Search "userprincipalname:[email protected]" -ConsistencyLevel eventual
Last updated
Was this helpful?