Adventures with PowerShell

Microsoft’s PowerShell technology has turned out to be one of the most powerful and versatile tools that the company has ever provided. Whether you are a one-liner, simple scripter, or turning out 10,000 line scripts, it is an impressive technology. We are proud to provide some simple scripts that we use for testing and troubleshooting.

Getting Started

PowerShell Version: Microsoft has already released versions of PowerShell beyond v5.1; we recommend running at least PowerShell v3. You can determine what version you are running by opening a PowerShell prompt and typing $PSVersionTable.

Update with care: Be careful not to update the version of PowerShell on a server or workstation that is using scripts or programs specifically designed for a certain version. So, check other things you are running on a server before updating PowerShell.

Run As Administrator: The Windows User Account Control (UAC) feature can help you prevent malicious, unsigned, or unknown programs from executing on a workstation or server. But, it makes life as an admin much harder. Even though you are logged on as an account that is a member of the Administrators group, some programs may still run in “user” mode. Including PowerShell. So, when you run PowerShell, press SHIFT and right click on the PowerShell icon, then choose “Run As Administrator”.

Execution Policy: The scripts we are providing are “unsigned.” This means that we have not digitally signed the script prior to posting it. Depending on the level of security you have applied to your servers, you may need to tell PowerShell that it is okay to run unsigned scripts. There are a lot of ways to do this, but the simplest is to open PowerShell as an administrator and type:
Set-Executionpolicy -Scope CurrentUser -ExecutionPolicy UnRestricted

Another option is to open up Windows Explorer, navigate to the folder that contains the script, right click on the script, choose Properties, and then click the Unblock button.

Include the Script Path: One of the things that PowerShell does as an additional level of security is that it requires you to provide the path to the script. To execute a script from the current folder, include the “.\” to indicate “current folder. Type:

To run a script from a specific folder, type:

With Great Power...

PowerShell is powerful; it is even right there in the name. You can be the IT hero when your boss says, “We need to update everyone’s company name to ‘Acme Corporation’ today.” So, using the Exchange Management Shell extensions for PowerShell type:
Get-User | Set-User -company “Acme Corporation”

Then you say “All done, boss!” And the crowd goes wild!!!

Or, you type:
Get-User | Remove-Mailbox -Confirm:$false

And, then you start working on your resume.

Be careful. Learn error checking and handling if you are going to script. And be very careful of any command that will do something in bulk. Any scripts that you download from an untrusted source, look through them to see if there are things that could be malicious. And, any scripts that you schedule to run as a scheduled task... Protect them from being updated by an unauthorized user.

User Principal Name

Our software and the below scripts assume that your user’s local User Principal Name (UPN) will match the UPN name in Office 365.


Below are a set of scripts that are are providing for use in troubleshooting and verifying your configuration. These scripts are provided as-is and with limited support.

  Scripts are provided as TXT files. Once you download the script file, change the file extension to PS1.

Checking an O365 Photo

Uploading photos to Office 365 and waiting for them to appear on all of the various components of O365 is about as exciting as watching paint dry. The Check-O365photo.ps1 script requires that you provide a local Active Directory user account and it prompts you for your O365 admin credentials. Then it checks Office 365 to see if the photo exists and, if it exists, it downloads the photo to the current folder so that you can view it.

To check user Snuffy.Smith’s photo, download the script to a folder such as c:\temp, then open a Powershell prompt as an administrator. Then change your current directory to the c:\temp folder and type:
.\check-o365photo.ps1 -UserAccount snuffy.smith

This script is going to query your local Active Directory for snuffy.smith, look up his UPN name attribute, and then connect to Office 365 to verify the user exists and has a photo.

Uploading a Photo to O365

Maybe you want to upload a photo manually. The Upload-O365photo.ps1 script will prompt you for your O365 admin credentials and then upload the photo you specified on the command line.
.\Upload-o365photo.ps1 -useraccount snuffy.smith -userphoto c:\temp\snuffy.jpg

This script will lookup Snuffy’s account in the local Active Directory to get his UPN name, it will then connect to O365 and update his photo.

Testing O365 Network Connectivity

If you are planning to run O365 and Exchange Online PowerShell cmdlets from a system on your network, one of the first things you need to validate is that your server or Windows desktop can establish an HTTPS session to the necessary connection point. The Test-O365connection.ps1 script will perform a PING test and then validate that it can establish a connection to the Exchange Online Connection Point specified in the script. It is simple to run, rename the download file extension to a PS1 extension, open a PowerShell command window as administrator and type:

Deleting an O365 Photo

You may need to manually remove a user's O365 photo. The Remove-O365Photo.ps1 script prompts you for the user's local Active Directory account, then prompts you for your O365 admin credentials. It then connects to O365 and will remove the Exchange Online (EXOL) version of the O365 photo. The script is run like this:
.\Remove-O365Photo.ps1 -userAccount snuffy.smith

Testing an O365 EXOL PowerShell Session

Coming soon.

Check Windows and IIS Dependencies

Coming soon.

Last Review: 5 Feb 2019