PowerShell can be used by almost all Microsoft applications, and the same is true for Microsoft cloud services. Needless to say, I’m focussing on Exchange and Entra ID (Azure AD)

Exchange Server

You can use the Exchange Management Shell, but you can also open a regular PowerShell window and use the following commands to connect to an Exchange server. This is the official way.

$Credential = Get-Credential
$Session = http:// +  ([System.Net.DNS]::GetHostByName(($ENV:ComputerName))).HostName + “/PowerShell”
Import-PSSession $Session -AllowClobber

Another option is load the PowerShell snap-in directly into your session. Use the following command for Exchange 2010:

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010

And use the following command for Exchange 2013 and up:

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin

The first option also respect RBAC roles, so only PowerShell commands that you are allowed to use are available. In the second option all commands are available, but they may fail because of permission restrictions. Another thing to be aware of that the Exchange Management Shell will sometimes return values in a different way than PowerShell with the PS snap-in will (Get-MailboxStatistics for example).

Exchange Online

Microsoft has stopped support for Basic Authentication in Exchange Online, so you can no longer use the New-PSSession command in Exchange Online. Instead you must use the Exchange Online Management module in PowerShell.

To install the Exchange Online Management module, execute the following command in a PowerShell window:

Install-Module ExchangeOnlineManagement -RequiredVersion 3.4.0

For more information about versioning, check the PowerShell Gallery on https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.1.0

PowerShell filtering

Exchange Filterable Properties – https://learn.microsoft.com/en-us/powershell/exchange/filter-properties?view=exchange-ps

User -Filter option instead of Where funtion (which retrieves all objects first, where -Filter only returns the objects you need)

Get-Mailbox -Filter 'RecipientTypeDetails -eq "RoomMailBox"'

Entra ID (Azure Active Directory)

There are multiple ways (how confusing) to access Entra ID. The first two are in the process of being decommissioned, the third one is the way forward.

1. Microsoft Online (MSOL) module

The old procedure to access Azure Active Directory is to use the Microsoft Online module (Msol), but Microsoft is deprecating this and it will be out-of-support anytime soon (March 2024).

To install the Msol module, execute the following command:

Install-Module MSOnline

To connect to Azure AD, use the following commands:

$Msolcredential = Get-credential
Connect-MsolService -Credential $MsolCredential

2. AzureAD module

A better, newer, but also planned for decommissioning way to access Entra ID is the AzureAD module

3. Microsoft Graph

The best way (and most likely the way forward) is to use the Microsoft Graph to access EntraID.

page last updated: November 23, 2023