PowerShell to Exchange Online

PowerShell to Exchange Online KB ID 0001814

Problem

While attempting to PowerShell to Exchange Online today, I tried to do this by using my usual method, and repeatedly got this error.

[box]

New-PSSession : [outlook.office365.com] Connecting to remote server outlook.office365.com failed with the following
error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:12
+ $Session = New-PSSession -ConfigurationName Microsoft.Exchange -Conne ...
+            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed

[/box]

I double checked the username/password was correct, and that the user was a global admin.

PowerShell to Exchange Online: Solution

After some searching it would seem that if the user is using MFA or you need to connect via modern authentication this can happen! Open an administrative PowerShell window, and execute the following commands;

[box]

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

Then Press A {Enter}
Install-Module -Name PowerShellGet -Force

If Prompted Press Y and {Enter}

Install-Module -Name ExchangeOnlineManagement -Force
Connect-ExchangeOnline -UserPrincipalName username@domain.com -ShowProgress $true

Log on interactively

[/box]

Then continue as normal.

Related Articles, References, Credits, or External Links

NA

PowerShell: Disable MFA For All O365 Users

KB ID 0001655

Problem

If you have something boring/repetitive to do then Powershell is your friend! I needed to do this for a client that’s replacing their Office365/Azure AD MFA (Multi Factor Authentication) with Duo.

Solution

Connect to your Microsoft Services Online, i.e. Office365/Azure, using your administrative credentials with the following command;

[box]

Connect-MsolService

[/box]

Then (Note: I’ve got more than 1000 users so I need to add the MaxResults switch).

[box]

Get-MsolUser -MaxResults 2000 | Set-MsolUser -StrongAuthenticationRequirements @()

[/box]

Office 365: Disable MFA For One User

Similar to above;

[box]

Get-MsolUser -UserPrincipalName {user-name} | Set-MsolUser -StrongAuthenticationRequirements @()

[/box]

Related Articles, References, Credits, or External Links

NA

MRS Proxy Error ‘The connection to the server could not be completed’

KB ID 0001358

Problem

When attempting a cross forest mailbox migration, When specifying the ‘Remote MRS Proxy Server address’ you get the following error;

error

the connection to the server ‘server-fqdn‘ could not be completed

Solution

Note: For Office 365 Environments see below.

This tripped me up for quite a while, (it kept saying access denied). I’d tested this previously and everything was working. Note: If you have never had it working, ensure that the name you are using is resolvable in DNS and it’s the name on the certificate of the MRS Proxy server, (or at least a subject alternative name) See this link for how to set it up properly.

Assuming, (like me) everything is OK and the MRS proxy service is running etc, then I found the root cause of my problem by running;

[box]Get-MigrationEndpoint | fl[/box]

I saw the problem straight away, it was using ‘cached credentials for an admin user who had changed their password, now all I had to do was work out how to replace the credentials!

Within the the Exchange admin center > Recipients > Migration > {Ellipsis} > ‘Migration Endpoints’.

Update.

Enter the new (correct credentials)  > Save > Save.

Now retry your ‘batch’ migration.

Office 365 Migration Endpoint Error

If you get the same error when attempting to setup a Migration Endpoint in Office 365;

Then simply skip setting up the endpoint, and perform a batch migration, the system will then connect to the MRS proxy service and work.

Related Articles, References, Credits, or External Links

NA