Tuesday, 27 February 2018

How to download Microsoft Azure Active Directory Authentication Library (ADAL)

The Azure Active Directory Authentication Library (ADAL) enables client application developers to authenticate users to cloud Azure AD or on-premises Active Directory (AD), and obtain tokens for securing API calls.

There are three main features in ADAL:
  • ADAL supports the automatic refreshment of tokens after they reach their expiration;
  • It also supports asynchronous methods that require tokens.
  • ADAL can manage the process of getting tokens and, by default, stores tokens in what Microsoft calls an "in-memory token cache."

How to download Microsoft.IdentityModel.Clients.ActiveDirectory dll from Nuget:

How to download Microsoft.IdentityModel.Clients.ActiveDirectory dll from Nuget

  • Find the file in File Explorer and change its file extension from .nupkg to .zip.
  • Right-click the .zip file and choose Extract All. Choose Extract. You'll end up with an unzipped folder entitled "Microsoft.Identitymodel.Clients.Activedirectory.version_no".

Thursday, 22 February 2018

Check if Office 365 User is Licensed or Not using PowerShell

In this post I am going to write PowerShell script to check if a given office 365 user is licensed or not using Azure AD V2 PowerShell cmdlet Get-AzureADUser. Earlier with Old Azure AD V1 powershell command (Get-MsolUser) we had the attribute isLicensed but we don't have the same property in latest V2 PowerShell module, so we need to use the property AssignedLicenses to check license status.

Note: Before proceed install Azure Active Directory PowerShell for Graph and run the below command to connect Azure AD V2 PowerShell module:
Connect-AzureAD
The below command checks if license is provisioned or not for the given user account:
$user = "username@o365domain.com"
$AssignedLicenses = (Get-AzureADUser -ObjectId $user).AssignedLicenses
If ($AssignedLicenses.Count -ne 0) {
      Write-Host "Licensed"
 } Else {
        Write-Host "Not licensed"
}

Export all licensed users to CSV file:

Run the below commands to export all the licensed office 365 users to csv file.
$Result=@() 
Get-AzureADUser -All $True | ForEach-Object {
if($_.AssignedLicenses.Count -ne 0){
$Result += New-Object PSObject -property @{ 
Name = $_.DisplayName
UserPrincipalName = $_.UserPrincipalName }
}}
$Result | Export-CSV "C:\\LicensedO365Users.csv" -NoTypeInformation -Encoding UTF8

Export all Unlicensed users to CSV file:

Run the below powershell commands to export all the office 365 users whose license is not provisioned.
$Result=@() 
Get-AzureADUser -All $True | ForEach-Object {
if($_.AssignedLicenses.Count -eq 0){
$Result += New-Object PSObject -property @{ 
Name = $_.DisplayName
UserPrincipalName = $_.UserPrincipalName }
}}
$Result | Export-CSV "C:\\UnLicensedO365Users.csv" -NoTypeInformation -Encoding UTF8

Export license status of all Office 365 users:

$Result=@() 
Get-AzureADUser -All $True | ForEach-Object {
$IsLicensed = ($_.AssignedLicenses.Count -ne 0)
$Result += New-Object PSObject -property @{ 
Name = $_.DisplayName
UserPrincipalName = $_.UserPrincipalName
IsLicensed = $IsLicensed  }
}
$Result | Export-CSV "C:\\O365UsersLicenseStatus.csv" -NoTypeInformation -Encoding UTF8

Check license status for bulk users from CSV file:

The below command checks whether license is applied or not for bulk azure ad users by importing users from CSV file and export the result to csv file.
$Result=@() 
Import-Csv 'C:\Users.csv' | ForEach-Object {
$user = $_."UserPrincipalName"
$userObj = Get-AzureADUser -ObjectId $user
$IsLicensed = ($userObj.AssignedLicenses.Count -ne 0)
$Result += New-Object PSObject -property @{ 
Name = $userObj.DisplayName
UserPrincipalName = $userObj.UserPrincipalName
IsLicensed = $IsLicensed }
}
$Result | Export-CSV "C:\\LicenseStatusReport.csv" -NoTypeInformation -Encoding UTF8

Wednesday, 21 February 2018

Export Enabled and Disabled Office 365 Users to CSV using PowerShell

In this post I am going to share PowerShell script to export enabled Azure AD users and disabled (sign-in blocked) users to CSV file by using latest Azure AD PowerShell for Graph. With latest Azure AD PowerShell module we can extract Office 365 users information by using Get-AzureADUser cmdlet, this command includes the property AccountEnabled and it indicates whether the user is enabled or disabled.

Before proceed install Azure Active Directory PowerShell for Graph and run the below command to connect Azure AD PowerShell module:
Connect-AzureAD

Export Enabled Office 365 Users to CSV:

The below command lists all the enabled Azure AD users in PowerShell console.
Get-AzureADUser -All $True | Where-Object { $_.AccountEnabled -eq $true } | FT
You can export user details to csv file by running below command:
Get-AzureADUser -All $True | Where-Object { $_.AccountEnabled -eq $true } |
Select-Object UserPrincipalName, DisplayName, Department |
Export-Csv "C:\EnabledO365Users.csv"  -NoTypeInformation -Encoding UTF8

Export Disabled Office 365 Users to CSV:

Run the below command to list disabled or sign-in access blocked office 365 users in PowerShell console.
Get-AzureADUser -All $True | Where-Object { $_.AccountEnabled -eq $false } | FT
You can get a list of disabled office 365 users in csv file by running below command:
Get-AzureADUser -All $True | Where-Object { $_.AccountEnabled -eq $false } |
Select-Object UserPrincipalName, DisplayName, Department |
Export-Csv "C:\DisabledO365Users.csv"  -NoTypeInformation -Encoding UTF8

Tuesday, 13 February 2018

Check if Office 365 User is Blocked or Not using PowerShell

In this post I am going to share PowerShell script to check if a given office 365 user is blocked to sign-in by using latest Azure AD PowerShell for Graph. We can use Get-AzureADUser cmdlet to get office 365 user information, this command returns the property AccountEnabled and it indicates whether the login status of user is enabled or disabled. Earlier with Old Azure AD powershell command (Get-MsolUser) we had the same attribute with different name BlockCredential.

Before proceed install Azure Active Directory PowerShell for Graph and run the below command to connect Azure AD PowerShell module:
Connect-AzureAD
The below command checks if login status is enabled or blocked for the given azure ad user account:
$user = "username@o365domain.com"
$accountEnabled = (Get-AzureADUser -ObjectId $user).AccountEnabled
If ($accountEnabled) {
      Write-Host "$user enabled"
 } Else {
        Write-Host "$user disabled"
}

Check sign-in status of multiple user accounts:

Use the below command to check sign-in status is enabled or blocked for multiple user accounts:
$users = "user1@o365domain.com","user1@o365domain.com"
ForEach ($user in $users) {
$accountEnabled = (Get-AzureADUser -ObjectId $user).AccountEnabled
If ($accountEnabled) {
      Write-Host "$user enabled"
 } Else {
        Write-Host "$user disabled"
}}

Check account status for bulk users from CSV file:

The below command gets account status for bulk azure ad users by importing users from CSV file and export the result to csv file.
$Result=@() 
Import-Csv 'C:\Users.csv' | ForEach-Object {
$user = $_."UserPrincipalName"
$userObj = Get-AzureADUser -ObjectId $user
$Result += New-Object PSObject -property @{ 
Name = $userObj.DisplayName
UserPrincipalName = $userObj.UserPrincipalName
AccountEnabled = $userObj.AccountEnabled }
}
$Result | Export-CSV "C:\\AccountStatusReport.csv" -NoTypeInformation -Encoding UTF8

Export all Azure AD users account status to CSV file:

The below command gets all office 365 users and exports account enabled status to csv file.
$Result=@() 
Get-AzureADUser -All $True | ForEach-Object {
$Result += New-Object PSObject -property @{ 
Name = $_.DisplayName
UserPrincipalName = $_.UserPrincipalName
AccountEnabled = $_.AccountEnabled }
}
$Result | Export-CSV "C:\\AccountStatusReport.csv" -NoTypeInformation -Encoding UTF8

Thursday, 8 February 2018

Check if a Software Program Is Installed using PowerShell Script

We can easily check the list of installed applications via Control Panel's Add or Remove Programs UI. But if you are System Administrator and need to frequently check whether an application is installed or not, the PowerShell script will be very useful in this case.

Summary:


Check if a Software is installed by using WMI query:

The below function checks the application is installed or not by using Powershell's WMI Class Win32_Product.
function Check_Program_Installed( $programName ) {
$wmi_check = (Get-WMIObject -Query "SELECT * FROM Win32_Product Where Name Like '%$programName%'").Length -gt 0
return $wmi_check;
}

Check_Program_Installed("Microsoft SQL")

Check if a Program is installed or not by checking registry value:

The below PowerShell function check the Uninstall location and returns true if a given program is installed and returns false if not installed.
function Check_Program_Installed( $programName ) {
$x86_check = ((Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall") |
Where-Object { $_."Name" -like "*$programName*" } ).Length -gt 0;

if(Test-Path 'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall')  
{
$x64_check = ((Get-ChildItem "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall") |
Where-Object { $_."Name" -like "*$programName*" } ).Length -gt 0;
}
return $x86_check -or $x64_check;
}

Check_Program_Installed("Microsoft")
This above script checks both the regular Uninstall location as well as the"Wow6432Node" location to ensure that both 32-bit and 64-bit locations are checked for software installations.

Check if a Software is installed in Remote Machine:

The below function checks if the given software program is installed or not in remote computer.
function Check_Program_Installed($computer, $programName ) {
$wmi_check = (Get-WMIObject -ComputerName $computer -Query "SELECT * FROM Win32_Product Where Name Like '%$programName%'").Length -gt 0
return $wmi_check;
}

Check_Program_Installed("hp-pc","Microsoft SQL")

Export list of Installed Software Programs into CSV file:

You can export the installed software application details to CSV using Powershell's Export-CSV cmdlet. The following script exports the Non-Microsoft applications to CSV file.
Get-WMIObject -Query "SELECT * FROM Win32_Product Where Not Vendor Like '%Microsoft%'" |
Select-Object Name,Version,Vendor,InstallLocation,InstallDate |
Export-CSV 'C:\Non_MS_Products.csv'