How to connect to Microsoft 365 services using Powershell

Introduction

Types of APIs to Microsoft 365 and Azure

Coming soon, including the Microsoft Graph API

List of Powershell modules for Microsoft 365 and Azure

Coming soon

Powershell to Azure AD

Coming soon

Powershell to Exchange Online

Requirements

The account that you use to connect to must be enabled for remote PowerShell. For more information, see Enable or disable access to Exchange Online PowerShell. TCP port 80 traffic needs to be open between your local computer and Microsoft 365. It’s probably open, but it’s something to consider if your organization has a restrictive internet access policy. If your organization uses federated authentication, and your identity provider (IDP) and/or security token service (STS) isn’t publicly available, you can’t use a federated account to connect to Exchange Online PowerShell. Instead, create and use a non-federated account in Microsoft 365 to connect to Exchange Online PowerShell.

High level steps

For Exchange Online, make use of the most recent Exchange Online v2 Powershell module. The high level steps for connecting to Exchange Online with the PS v2 module with MFA and modern authentication are the following:

Set-ExecutionPolicy RemoteSigned
winrm get winrm/config/client/auth
# If you don't see the value Basic = true, you need to run the following command
winrm set winrm/config/client/auth '@{Basic="true"}'
#Install the Exchange Online V2 module for all users
Install-Module -Name ExchangeOnlineManagement
Import-Module ExchangeOnlineManagement
Get-Module ExchangeOnlineManagement
Connect-ExchangeOnline
#To update the module to latest version for all users run the following cmdlet
Update-Module -Name ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName <UPN> [-ExchangeEnvironmentName <Value>] [-DelegatedOrganization <String>] [-PSSessionOption $ProxyOptions]
#To keep two versions installed side by side
#This command will install latest version side-by-side with existing version
Install-Module -Name ExchangeOnlineManagement -Force
#You should also check which M365 users have Powershell remote access enabled
Get-User -ResultSize unlimited -Filter 'RemotePowerShellEnabled -eq $true'
#To enable remote access for a user
Set-User -Identity user@contoso.com -RemotePowerShellEnabled $true

The high level steps for connecting to Exchange Online with the PS v2 module with modern authentication without MFA are the following:

Import-Module ExchangeOnlineManagement
$UserCredential = Get-Credential
Connect-ExchangeOnline [-Credential $UserCredential] [-ShowBanner:$false] [-ExchangeEnvironmentName <Value>] [-DelegatedOrganization <String>] [-PSSessionOption $ProxyOptions]
#Example for non-special environments (no US Gov, China or Germany regions)
Connect-ExchangeOnline -Credential $UserCredential

Powershell to Sharepoint Online

Coming soon

Powershell to Teams

Coming soon

Powershell to Azure Security and Compliance

Coming soon

Powershell to the Power Platform

Coming soon

Sources

https://docs.microsoft.com/en-us/powershell/exchange/disable-access-to-exchange-online-powershell?view=exchange-ps

https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps

https://docs.microsoft.com/en-us/microsoft-365/enterprise/connect-to-microsoft-365-powershell?view=o365-worldwide

Was this article helpful?

Related Articles