- Part 1 – Getting the Tenant
- Part 2 – Create Users from CSV file – (This Post)
- Part 3 – Set User Photos in Exchange Online
- Part 4 – Upload User photos to SharePoint / Set User Profile Photos
- Part 5 – Turn on O365 Auditing
- Part 6 – Set up SharePoint Tenant
In this series of posts, I will explain how you can set up a Development O365 Tenant quickly. Using PowerShell scripts, at the end of this process, you will have:
- A O365 Development Tenant with 25 “DEVELOPERPACK” Licenses.
- 25 Users assigned with license
A total of 274 Users added to the Tenant
- Set up for multiple offices
- Organisational structured
- All users will be MFA enabled
- All users will have photos added to their accounts
- Enabling Office 365 Auditing
- Setting up the SharePoint Tenant Settings and enabling Public CDN for SPFX
Unfortunately, I have found it impossible to do the following via PowerShell scripts, and these would need to be done manually. I haven’t included this information within these blog post.
- Create a Tenant App Catalog
- Set Organisation Details
- Set Login Branding
- Set Tenant Branding
In my previous post, I walked you through the step of joining the Office 365 Development program, and set yourself up with a Office 365 Development Tenant with 25 Developerpack Licenses. In this post we are going to add users to the tenant from a CSV file.
Obtaining the code
I have stored my code on GitHub at the following URL for cloning. https://github.com/pmatthews05/SetupDevTenant.git
- Data – Contains the CSV files used within the scripts
- Settings – Contains the JSON settings for the Set-SharePointTenant.ps1 script.
- UserImages – Contains all the photos to all the users being added to the tenant.
- Set-Office365Auditing.ps1 – Turns on the Audit logs, and assign people to view them.
- Set-SharePointTenant.ps1 – Update Tenant Parameters and enabling Public CDN
- Set-UserAccountsOnline.ps1 – Add users and assign licenses and import pictures
- Set-UserPhotosInExchange.ps1 – Add User photos to Exchange
- Set-UserPhotosInSharePoint.ps1 – Add user photos to SharePoint.
- Set-UserProfilePhotosInSharePoint.ps1 – Assigns the user picture to their SharePoint profile.
Creating the users from a CSV file.
In the Data folder there is a csv called AzureADUsers.csv. It is best to open this file in Excel.
Before you run any code, you will need to fix up a couple of columns in lines 2 & 3 of the csv file.
- On line 2, replace UserPrincipleName, GivenName, Surname, MailNickName (Columns B, C, E, F, G) with the account details you gave yourself when creating the Subscription in part 1.
- One line 3, add your name to the manager of Dan Jump.
- Save the CSV file.
- (optional) Put your profile picture in the UserImages folder, with the filename [firstname lastname].jpg
All the names/address/telephone numbers are all made up, converted by me. The names might seem familiar to you, as they are the “Microsoft Users” Microsoft uses in their demos.
We are going to use the powershell script Set-UserAcountsOnline.ps1. Note: None of my scripts will connect you to a service. This will need to be done first before running.
I’m not going to go through the code as the script is quite easy to follow and to understand. If there is anything you are unsure about that is in the script, please leave a comment at the bottom of the post.
This script uses the AzureADUser.csv file and the UserImages profile pictures. It will:
- Create/Update all users in Azure AD.
- Assign them a license (If any are left)
- If new user assigns them a password, to be changed at next login
- Enable their account for Multi Factor Authentication. (This can be disabled in the CSV file, by changing the MFAEnabled to false for the user)
- Upload their picture to Azure AD
To run the script your PowerShell environment will need to have the following modules installed.
If you haven’t done this previously, run Powershell as Administrator. Then type:
Install-Module -Name AzureAD Install-Module -Name MSOnline
Unfortunately, the only way I could enable MFA for users was to use the MSOnline module. There doesn’t seem to be a way of doing it purely using AzureAD.
As stated previously, you will need to connect first, before running the script. It allows you to control the signing in.
Now you are connected, you can call the Set-UserAccountOnline.ps1 file.
.\Set-UserAccountsOnline.ps1 -Path:'.\data\AzureADUsers.csv' -tenantDomain:'[mytenant].onmicrosoft.com' -tempPassword:'[Give A Password]'
Replace [mytenant] with your tenant name. You can either put a password in -tempPassword parameter, or you can remove this parameter. By removing this parameter, you will be setting all your users to have the password P@55w0rd.
This script is idempotent, so you can run it again at any point if there was an issue. When you run out of licenses, the script continues creating the accounts, they just don’t get a license assigned to them.
After the script has run, and you go to your tenant, you will be asked to re-authenticate again, and provide details for MFA.
- Click Next
- I recommend using the Mobile App, and Receive notifications for verification. Click Set up
- Follow the instructions to install the Microsoft authenticator app for your mobile.
- Once set up, you need to provide a mobile number. Fill this in and click Next.
- On the next page, you will be given an app password. Take note of this somewhere. These are useful if you need to run a script on this account, but want to skip MFA, you can just put this password in instead. Click Finished.
View Users in Admin portal
In the Admin portal https://admin.microsoft.com under users, you will see the users have been imported. Some with licenses and some without.
- Any user you select, will give you their details and picture.
In this blog post we have created users from a CSV file, set them up with MFA and a default password. Assigned the first 25 users a license. In the next blog post I will be showing you the PowerShell script to import Pictures into Exchange.