Exchange Online

Exchange Online is a Microsoft service for storing and controlling emails, dedicated for companies. It can be retrieved as a standalone service or in an O365 bundle. The following options are currently available:

https://products.office.com/en/exchange/compare-microsoft-exchange-online-plans:

For our examples, we are using an O365 subscription. There is also a GUI available to manage Exchange Online, but for bulk operations you should always prefer the programmatic approach with PowerShell.

The GUI can be found at the following link: https://outlook.office365.com/ecp/.

For our example, we are using a mostly empty tenant, and the GUI looks as follows:

First, we need to establish the connection from PowerShell to the online service. There are three connection URIs available, which you must know:

To set up the connection, you need to provide your credentials. By this point, you should have learned about the possibilities for working safely with credentials. For the following example, we are using the Get-Credential method to enter the password interactively. But for automation purposes, you might want to store the passwords. Take another dedicated look at Chapter 4, Advanced Coding Techniques, for the possible ways to store and retrieve sensitive passwords:

#Credentials to connect to online service
$UserCredential = Get-Credential -UserName '[email protected]' 

#Showing credentials
$UserCredential

To set up a connection and gain the available service cmdlets, you can work with the New-PSSession and Import-PSSession cmdlets:

#Setting up the session
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

#Showing session
$Session

#Import remote functions to our current session and saving module information in variable
$returnedInformation = Import-PSSession $Session

#Showing loaded module
$returnedInformation

In the $returnedInformation variable, the imported module is shown. The name is a temporary name in the format tmp_%GUID%, and you can also see the imported (from a server point of view, exported) commands, which you can use:

The following lines will show all available cmdlets and number them:

#Displaying all available cmdlets
Get-Command -Module ($returnedInformation.Name)

#Number of imported cmdlets
(Get-Command -Module ($returnedInformation.Name)).Count # 684 in July 2018

The problem that you may encounter when importing so many cmdlets to your session or managing different tenants, are the overlapping cmdlets. To avoid equally named cmdlets, you can also use a prefix as follows:

#Defining a prefix to import exchange functions
$prefix = 'DdNExchange_'

#Import remote functions with prefix to our current session
Import-PSSession $Session -Prefix $prefix

#Displaying all available cmdlets
Get-Command "*$prefix*" -CommandType 'Function'

#Showing information to Get-Mailbox 
Get-Command ("Get-{0}Mailbox" -f $prefix) | Select-Object *

#Showing help to Get-Mailbox 
Get-Help ("Get-{0}Mailbox" -f $prefix) #Error

#Executing cmdlets
&("Get-{0}Mailbox" -f $prefix)

The prefix can be added as a property to the Import-PSSession cmdlet, and this prefix will be integrated as the leading noun for the imported cmdlets. The example also shows how the cmdlet, with its containing prefix, can be built generically to avoid hard-coding. 

After each session, it is important that every session is removed correctly. To show you an example of secure coding and working correctly with logging and exception handling, we have put up a simple example, as follows: 

#Credentials to connect to online service
$UserCredential = Get-Credential

#Debug information
Write-Debug $UserCredential

#Set up connection
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

#Proving if the session exists
if ($Session) { 
    Write-Information 'Session established'

    #Debug information
    Write-Debug $Session

    #Clean error handling
    try {
        #Import remote functions to our current session
        $returnedInformation = Import-PSSession $Session

        #Debug information
        Write-Debug $returnedInformation

        #do something
        Get-MailBox
    }
    catch {
        #Showing errors:
        $errorMessage = $_.Exception.Message
        $innerException = $_.Exception.InnerExceptionMessage
        Write-Error "ErrorMessage: $errorMessage" + [System.Environment]::NewLine + "InnerException: $innerException"
    }
    finally {
        #Removing session after error and or finished
        Remove-PSSession $Session 
        
        #Debug information
        Write-Debug "Session removed."
    }
}

Here, we also made use of the Write-Information and Write-Debug cmdlets to provide further information, if needed, and validated the session before using it. If you want to execute code in production, it is always important to return information about its success and for troubleshooting. In addition, always try to catch all possible errors and return the error information instead.

If you want to use multifactor authentication instead, you need to install the Exchange Online Remote PowerShell Module in advance, which can be found at the following link:

http://technet.microsoft.com/library/ace44f6b-4084-4f9c-89b3-e0317962472b.aspx

The used authentication method needs to allow basic authentication. This is enabled by default:

https://docs.microsoft.com/en-us/powershell/exchange/exchange-online/connect-to-exchange-online-powershell/mfa-connect-to-exchange-online-powershell 

The cmdlet to establish the connection to Exchange Online with MFA is Connect-EXOPSSession, as follows:

Connect-EXOPSSession -UserPrincipalName <UPN> [-ConnectionUri <ConnectionUri> 
-AzureADAuthorizationEndPointUri <AzureADUri>]

For general O365 subscriptions, you don't need to enter a dedicated ConnectionUri or AzureADAuthorizationEndPointUri. For O365 Germany, though, the command would look like the following:

#multifactor authentication with german O365 subscription
Connect-EXOPSSession -UserPrincipalName [email protected] -ConnectionUri https://outlook.office.de/PowerShell-LiveID -AzureADAuthorizationEndPointUri https://login.microsoftonline.de/common

After you have executed this code, the sign-in window will show up, followed by the verification window.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset