Connect to All Microsoft 365 Services using PowerShell (Supports MFA too)

As an Office 365 admin, you spend most of the time in PowerShell to accomplish administrative tasks. Office 365 includes a wide variety of cloud services like Exchange Online, Azure Active Directory, SharePoint Online, Skype for Business Online, Teams, and Security & Compliance center.

Each Office 365 service has their own PowerShell module to create a connection via PowerShell. If you want to work with multiple services, you need to remember (copy & paste 😉) various cmdlets and modules to create sessions manually, which is time-consuming and painful task. And the most important part comes here! MFA. Nowadays, most admin accounts are MFA enabled, which requires a different approach to create a PowerShell session.

Don’t worry! We have created “All-in-One” PowerShell script that connects all Office 365 services using PowerShell with MFA/non-MFA account. You can connect to any/all Office 365 services, just with a single cmdlet.

Script Highlights:

• The script connects to 9 Microsoft 365 services with a single cmdlet.
• Automatically downloads and installs the required M365 PowerShell modules upon your confirmation.
• You can connect to one or more Office 365 services via PowerShell using a single cmdlet.
• You can connect to Office 365 services with MFA enabled account.
• For non-MFA account, you don’t need to enter credential for each service.
• The script is scheduler-friendly. i.e., credentials can be passed as a parameter instead of saving inside the script.
• The script supports Certificate-Based Authentication (CBA) too.
• You can disconnect all service connections using a single cmdlet.

We have an All-in-One PowerShell script to connect various Microsoft 365 PowerShell modules, including MS Graph, Exchange Online, Azure AD, SharePoint Online, SharePoint PnP, Teams, and Compliance Center.

As mentioned earlier, each service requires a different module. We designed our script to install the required module (if it is not already installed) after your confirmation. If you prefer to download and install manually, you can follow the steps provided inside the script.

Download Script: ConnectO365Services.ps1

Now, I’m going to explain how to use our script to connect Office 365 services, whether you’re using MFA or non-MFA accounts, as well as certificate-based authentication. You can utilize this script to connect to a single service or a combination of services. Additionally, you can utilize the script to install Office 365 PowerShell modules as needed.

You can use any one of the below methods to connect to majorly used Microsoft 365 PowerShell modules.

When running the script with an MFA-enabled account, it will prompt for credentials for each service.

If you wish to avoid the credential prompt for each service, you can disable MFA for the account using CA policy.

When using a non-MFA account, you can pass the credentials as parameters. This will avoid the credential prompt while connecting to each service.

Note: MS Graph and MS Graph beta don’t support passing credentials. Therefore, you’ll need to enter credentials for them.

When you want to run the script unattended, you can choose this method. To use certificates, you must register the app in Entra ID. You can use either a CA certificate or create a self-signed SSL certificate.

Note: MSOnline and SharePoint Online PowerShell module don’t support CBA.

• Connect to multiple Microsoft 365 services using PowerShell
• Connect to Exchange Online PowerShell
• Connect to MS Graph PowerShell
• Connect to MS Graph beta SDK
• Connect to SharePoint Online PowerShell
• Connect to SharePoint PnP PowerShell
• Connect to Microsoft Teams PowerShell
• Connect to Security and Compliance Center (SCC) PowerShell
• Connect to Office 365 PowerShell
• Connect to Azure AD PowerShell
• Connect to Skype for Business PowerShell
• Disconnect all Microsoft 365 services at once

If you want to connect multiple services, mention the required services by using ‘Services‘ param.

The above format will prompt for credentials twice and connect to MS Graph and Exchange Online.

If you wish to connect multiple Office 365 services with a non-MFA account, you can pass the credentials as parameters.

This method avoids the need to enter credentials for each service individually.

After executing the script, connected services will be listed as shown in below screenshot.

Now you have connected to Office 365 services and you can manage them through PowerShell.

To connect Exchange Online PowerShell, run the script in any of the below format.
Method 1: Connect to EXO PowerShell with MFA and non-MFA accounts.

It will prompt you to enter credentials. If you want to know detailed steps, refer to connect to Exchange Online PowerShell blog.

Method 2: Connect to Exchange Online PowerShell by passing credential as parameters.

Note: The above format only supports non-MFA accounts.

Method 3: Connect to Exchange Online using certificate based authentication.

While connecting EXO with certificate, organization name must be passed as TenantName.

To install and connect to MS Graph PowerShell (production version), you can run the script in any one of the below methods.

Method 1: Connect to MS Graph PowerShell using MFA and non-MFA accounts

NOTE: MS Graph PowerShell doesn’t support passing credential as params.

Method 2: Connect to MS Graph PowerShell using Certificate

This process involves procedures such as certificate creation, app registration, etc. You can utilize a PowerShell script specifically designed to automate registering the app and creating the certificate.

MS Graph PowerShell has less functionality. So, most admins prefer to use MS Graph beta. To install and connect to MS Graph Beta PowerShell, you can run the script in any one of the below methods.

Method 1: Connect to MS Graph beta PowerShell using MFA and non-MFA accounts

MS Graph beta PowerShell doesn’t support passing credential as params.

Method 2: Connect to MS Graph PowerShell using Certificate

NOTE: While connecting to MS Graph or MS Graph beta PowerShell, you might encounter an “One or more errors occurred” error. This is likely due to having multiple versions of the MS Graph PowerShell module installed on your system.

To connect to SharePoint Online using PowerShell, the SharePoint Online Management Module is required. When you run the below cmdlet, it will prompt you to install that module if it is not already installed.

Method 1: Connect to SharePoint Online PowerShell using MFA and non-MFA account

SharePointHostName used to connect SharePoint Online Administration Center. For admin@contoso.onmicrosoft.com, organization name is Contoso.

Method 2: Connect to SharePoint Online PowerShell by passing credentials

NOTE: SharePoint Online PowerShell doesn’t support certificate based authentication.

SharePoint Patterns and Practices (PnP) allows you to perform complex provisioning and artifact management actions in the SharePoint.

To connect SharePoint PnP using PowerShell, run the script in any of the below methods.

Method 1: Connect to SharePointPnP using MFA and non-MFA account

SharePointHostName used to connect SharePoint Online Administration Center. For admin@Contoso.onmicrosoft.com, organization name is Contoso.

Method 2: Connect to SharePointPnP by passing credentials.

If you don’t pass the SharePointHostName parameter, the script will prompt you to enter the value during execution.

Method 3: Connect to SharePointPnP using certificate

You can use method for unattended script execution.

To connect Teams PowerShell, it requires Microsoft Teams PowerShell Module. When you run the script in below methods, it will install Microsoft Teams PowerShell module and then connects to Teams.

Method 1: Connect to MS Teams PowerShell using MFA and non-MFA account

The above format will prompt you to enter credentials.

Method 2: Connect to MS Teams PowerShell by passing credentials as params.

This format supports only non-MFA accounts and is scheduler-friendly.

Method 3: Connect to MS Teams PowerShell with certificate

This method authenticate using a certificate thumbprint and connects to MS Teams.

With the recent update, the Security and Compliance Center (SCC) now supports REST-based cmdlets. To manage the Office 365 Security and Compliance Center from PowerShell, you can run the script using the following methods based on your requirement

Method 1: Connect to security and compliance center using MFA and non-MFA account

It will prompt you enter credentials.

Method 2: Connect to security and compliance center by passing credentials

You can use this method to connect SCC using non-MFA accounts.

Method 3: Connect to security and compliance center using certificate

NOTE: Connect-IPPSSession -UserPrincipalName WARNING: Your connection has been redirected to the following URI: “https://ind01b.ps.compliance. protection.outlook.com/Powershell-LiveId?BasicAuthToOAuthConversion=true;PSVersion=5.1.19041.3031

When you encounter this warning, it indicates that you are using an older version of the Exchange Online PowerShell module, which requires basic authentication to connect to the Security and Compliance Center (SCC). To resolve this error, you can upgrade to the latest Exchange Online PowerShell module.

To connect with the Microsoft Azure Active Directory Module for Windows PowerShell, utilize the below methods.

Method 1: Connect to MSOnline using MFA and non-MFA accounts

It will prompt you to enter credentials.

Method 2: Connect to MSOnline by passing credential as params.

NOTE: MSOnline PowerShell module doesn’t support certificate based authentication.

To connect with the Microsoft Azure Active Directory PowerShell module, you can use any one of the below methods based on your requirement:

Method 1: Connect to Entra ID (formerly, Azure AD) with MFA and non-MFA accounts

Above cmdlet will install AzureAD module if it is not installed already.

Method 2: Connect to Azure AD by passing credentials as params.

This format doesn’t support MFA enabled accounts.

Method 3: Connect to Azure AD using certificate

You can utilize this format for scheduling too.

Since Skype for Business Online Connector module and the New-CSOnlineSession cmdlet were deprecated, you can use Teams PowerShell module to manage *-CsOnline* cmdlets.

Make sure to disconnect the remote PowerShell session when you’re finished. Else you would end up using all remote PowerShell sessions available to you and you will get the following error.

To disconnect all the Office 365 PowerShell session in the current window, run the below command.

Most admins prefer PowerShell to manage their Microsoft 365 environment. But when it comes to reporting, it is always difficult to get the desired report with PowerShell. Because

• PowerShell requires a lot of effort to generate the needed reports, which is time-consuming.
• Automating report generation is difficult when you are using MFA.
• If you do not retrieve the audit data properly, it will end up with data loss which spoils the purpose.
• If you are a newbie, you might lose in search of finding the right cmdlet.

So, what if there is an easier way to generate Microsoft 365 reports? A tool like AdminDroid will help you in reporting and auditing your Microsoft 365 environment.

AdminDroid offers 1800+ pre-built reports and 30+ smart dashboards, providing comprehensive statistics, monitoring, and alerting for your Microsoft 365 environment effortlessly.

Besides, AdminDroid offers 120+ reports and a handful of dashboards completely for free. It includes reports on Users, Licenses, Groups, Group Members, Devices, Login Activities, Password Changes, License Changes, and more. The free edition doesn’t have any restrictions in reporting functionalities such as customization, scheduling, and exporting. Download Free Microsoft 365 reporting tool by AdminDroid and see how it helps for you.

I hope this blog can help you to create a PowerShell session to Office 365 services. If you face any issues during connection, share with us through the comment section.

Even if you face any other challenges in Office 365 Environment or in need of any PowerShell scripts related to Office 365, let us know in the comment section. Happy Scripting!