The Microsoft Graph is a unique and powerful way to administrate Microsoft 365. This session will provide you with a introduction to what the Microsoft Graph is, how to access it and how to use to improve the way you maybe currently administrating your customers environments. The session will also be jammed packed with live demonstrations and best practices for automating any Microsoft 365 environment. Save time, save money and save effort by viewing this session.
If you run the command:
you’d except to see all your Intune configuration policies displayed.
However, after connecting to the Microsoft Graph module you see that nothing is returned. My experience has also been receiving incomplete results using these commands.
What I have found is that using the Microsoft Graph directly by using commands like:
$uri = “https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/”
(Invoke-MSGraphRequest -Url $URI -HttpMethod GET).value
produces the desired results as shown above in the same environment.
So my tip is when working with Intune and Endpoint Manager with PowerShell is, use the Microsoft Grah directly to obtain and set the information you need.
There was another Teams import from CSV PowerShell script that someone was working on and having issues with. That script was a bit old and used commands that had been changed in the Microsoft Teams PowerShell module since the script was created. So I have taken that script (unfortunately original source specifically unknown but credit noted) and modified it and uploaded to my Github repo here for all to use:
and the CSV file in the format required is here:
Now that it is in my Github it is easy for me to update when and if required. I encourage you to also go in and have a look at the comments to understand what is going on.
In essence the script will import the data from CSV file and loop through all the entries creating a new Microsoft Team and then the channels specified in this Team as well as assign member and admin roles for you.
If you use the –debug command line parameter it will record a log file for you.
I have also added some error checking and improved output, as shown above, to give you a better idea of what is going on in each step.
I will note that when you assign member and admin permissions to the Team created via this script they seem to take while to show up in the portal. So be patient, as they will appear. This isn’t a limitation of this script but just the refresh cycle of the portal.
There are some additional items I want to add but take a look and let me know what you’d like to see added or if I have made any errors that need fixing. Don’t forget to check back regularly for updates.
A typical tactic after a business email compromise event is the creation of email forwarding rules using any one, or more, of these methods by an attacker:
It is therefore good practice to regularly check and verify the email forwarding rules inside your Microsoft 365 environment.
I have created a free PowerShell script exactly for this purpose, which you can find here:
and the video:
will provide a walk through of its execution.
Once you have set up your PowerShell environment the next thing is to use it to connect to Microsoft 365 services like Exchange Online and Teams.
I have created several free automation scripts at:
to make that process easy.
In this video, I’ll walk you through the steps of using what I have created to make it simple to connect to any Microsoft 365 service using PowerShell quickly and easily.
Here is a direct link to the video:
Keeping all your PowerShell modules up to date for Microsoft 365 is easy using the process in this video along with the free script I provide here:
Simply use the script, with elevated privileges, and you can automatically update all the modules. If you then save the script locally, you can use an option to prompt you for each update if you wish.
Here is a direct link to video:
This video will show you the process of setting up PowerShell on a new clean Windows 10 environment to support working with Microsoft 365. Basically, you grab my free set up script here –
and paste that into an elevated PowerShell window and run it. The required PowerShell cloud modules will then be installed into your environment, making it ready to connect to Microsoft 365, Azure, Intune, etc.
Here is a direct link to the video:
There are current concerns around:
which is yet to have a patch made available.
I found this excellent article:
which provide some PowerShell scripts to create Word documents that can be used to test for the vulnerability.
I have run these scripts to create the actual Word documents and uploaded them for you here:
In both cases, when you open these documents, you should NOT be able to get CALC.EXE to execute on your system unlike what you see above and below.
I have also added these tests to my security testing script which you can download from my GitHub repo here:
When I opened these documents in my production environment, the vulnerability was largely blocked thanks to Windows ASR which I have detailed previously:
You can use the follow KQL query as I did above to view the result of this blocking if you are using something like Azure Sentinel like I am:
| where ActionType startswith ‘Asr’