Transfer ownership of a PowerApp using PowerShell

    PowerApps administration capabilities have considerably evolved from where it was and now we can easily transfer the ownership of a specific App using a simple PowerShell command. This article will cover that specific task.

    clip_image001

    However, If you look at the latest Power Platform Admin center (https://admin.powerplatform.microsoft.com/) you’ll figure out there’s nothing much we could do there as admins, so PowerShell comes again for the rescue.

    clip_image002

    PowerApps offers two separate PowerShell packages for Creators (a.k.a Makers) and Administrators respectively. Before you can do anything, you need this Admin module installed in your machine.

    you can download the NUGPKG manually from the first link, or run the command below to install it directly.

Install-Module -Name Microsoft.PowerApps.Administration.PowerShell -RequiredVersion 2.0.1

Once you have the module installed, the following command will give you an idea of the number of apps created in your environment. This is important so that you can standardize the permissions and accessibility for all your Apps via proper governance.

Before we begin, here’s the first command to login to PowerApp service. Run PowerShell as admin and then execute this.

Add-PowerAppsAccount

This command will list-down all the apps in your environment with basic information for you to understand the App Name, Display Name Current Ownership etc..

Get-AdminPowerApp

To retrieve the current permissions for a specific PowerApp:

Get-AdminPowerAppRoleAssignment -AppName <APP ID>

This will list down the deep down information of a specific app including all assigned permissions for that particular app.

clip_image003

So now that we have all the information, to change ownership, we can either run this simple command and input the details as prompted, or use the full command below. To run this, ensure that you login from the new owner.

Set-AdminPowerAppOwner

If you get this error (Conflict) it means that the app is opened and being edited. Close all the session for this app and try to execute the command again.

clip_image004

This is the full command with all the parameters and inputs are predefined. The new Owner must run this command as it uses the current logged in user to execute the change.

Set-AdminPowerAppOwner -AppName '895a38f1-f3c3-4cb6-a2d4-64b199badb3d' -AppOwner $Global:CurrentSession.userId -EnvironmentName 'Default-f50d5133-e13c-4359-85f6-ef76484f4c32'

clip_image005

That should easily run and change the new Owner. However, the previous owner will still remain as a normal user which allows the new Owner to decide whether to keep remove. As new owner can use the User Interface to manage the app, he can simply manage the permission there.

clip_image006

Resources:

Retrieve Office 365 users with a specific SKU using PowerShell

Its common that every Office 365 Administrator/Engineer is asked to provide user license stats from sales department for billing or reviewing purposes with the client. This quick read will demonstrate how you can easily get the User license count for a specific SKU via a simple PowerShell cmdlet.

Instead of logging in to Office 365 Admin Center and going through the admin UI to find and export these stats, we can easily do that same using a PowerShell Script. Before you start, ensure that you have latest PowerShell version and the MSOLSERVICE module installed on top of it.

Connect to Office 365 via PowerShell using this command

Connect-MsolService

clip_image001

Once connected, it should simply show as below and no errors or warnings

clip_image002

Now, let’s run Get-MsolAccountSku to get a list of the current licenses in your Office 365 tenant. Make a note of the AccountSkuId value for the license you want to filter on.

Get-MsolAccountSku

clip_image003

Next, you can edit this script to get the users matching that license. In this case, we’re getting users with the EnterprisePremium license.

Get-MsolUser | Where-Object {($_.licenses).AccountSkuId -match "EnterprisePremium"}

clip_image004

Replace EnterprisePremium with the AccountSkuID you’re trying to filter by. As we use the -match operator here we don’t need to type the entire AccountSkuID, we can just type enough of it to ensure that we’re only retrieving that specific SKU. You can change the SKU to meet your specific needs there.

Now we can export this result using this PowerShell line. Change the path to match your target location and file name.

Get-MsolUser | Where-Object {($_.licenses).AccountSkuId -match "EnterprisePremium"} | Out-file C:\Official\ENTPREMUsers.csv

clip_image006

clip_image007


Setup PowerShell to connect Microsoft Teams Administration

Error “Connect-MicrosoftTeams : The term ‘Connect-MicrosoftTeams’ is not recognized as the name of a cmdlet

Root cause – Obviously because of the PowerShell module availability in the machine you are trying to connect from. Every module needs its presence in the local machine to be able to work with PowerShell properly so, installing it and keeping it up to date is vital for commands to execute against the target workload (like Teams, SharePoint or Exchange etc..)

Let’s get through the basics of installing Microsoft Teams PowerShell module. Ensure you launch the native PowerShell from your machine, not Exchange Online PowerShell or SharePoint ones.

Type PowerShell in the start menu and –> right click on the native PowerShell tool and run as Admin

PowerShell

Type this in PowerShell and Enter

Find-Module -Name MicrosoftTeams

clip_image001

Now let’s install this. Type this in PowerShell and Enter

Find-Module -Name MicrosoftTeams | Install-Module

clip_image002

Type “Y” to continue

clip_image003

Now let’s run the connect command to interact with the Office 365 tenant

Connect-MicrosoftTeams

clip_image004

And this should prompt you for authentication where you will provide the Admin credentials to connect

image

Once done, you will get connected to the tenant as below

image

Now, let’s just verify the functionality by running a simple Teams command. If this succeeds, you have installed PowerShell module for Microsoft Teams properly!

Get-Team

image

Find and export the list of users who has not completed About Me section in their Office 365 profile

This is the article 08 in this series.

Having a complete profile in Office365 is not just a benefit for user himself, but for the entire organization which directly impacts on productivity. A finished profile leads to better visibility and eventually results in faster communications across hundreds of thousands of employees in an enterprise setup. Ultimate idea of Office Delve (latest interface of profile comes with more capabilities such as recent activities) is to provide overall insights of a user information and his activities/engagements which makes obvious sense for anyone.

delve_thumb3

Nevertheless, none of these would be in action unless you have a complete profile with basic details entered in. No matter how much HR would try to push, we still spot a lot of random users who haven’t completed their profiles.

With this short and sweet article series, I’m trying to give you the steps that we followed during the identifying process as requested by our HR. screenshots may differ than our production setup, but you surely will get the point here.

I had to use some PowerShell scripting to get this list out from Office 365 and generate a CSV file for each criteria so that HR can directly reach out to the user via emails and advice to take an action to update the profile on the spot. As a result, we were able to get 100% completeness of profiles across a 5000+ employee organization.

There is no out of the box reporting when it comes to Profile Completeness in Office 365, therefore we have no option other than PowerShell. PowerShell is the ultimate tool for O365 administration, whenever graphical interface has a barrier, hence, make sure you dig around it to understand its capabilities to go beyond.

FINDING USERS WITH EMPTY ABOUT ME SECTION IN THEIR PROFILE (This Article)

In this article I’m trying to explain the steps it takes to find out the users who has not filled “About Me” section in their Office 365 profile (or simply, delve profile).

So here we go, following are the requirements before we get started:

  • Azure AD PowerShell Module – download here
  • Azure AD Administrator rights
  • SharePoint Online Administrator rights
  • SharePoint Online PnP Module – Download here

Script steps breakdown:

First and foremost, we need to fetch the Office365 credentials and then connect to both SharePoint Online Admin Centre and Azure Active Directory.

$cred = get-Credential
Connect-AzureAD -Credential $cred
Connect-PnpOnline -Url https://mantoso-admin.sharepoint.com/ -Credentials $cred

Then let’s fetch all users in this tenant, who are internal to the company and that have at least one license assigned to them.

$Users = Get-AzureADUser | Where {$_.UserType -eq 'Member' -and $_.AssignedLicenses -ne $null}

Now to create an empty array in which we will later store the output (user list who has not filled the About me field).

$NoAMUsers = @()

Now we will dig in through each user, and check if they hold a SharePoint profile (This is because About Me field is hosted in SharePoint online, not in Azure AD). If the property exists, and empty, it simply means the About me section has not filled by this user.

foreach ($user in $Users) 
{
    $SPProfile  = Get-PnPUserProfileProperty -Account $user.UserPrincipalName -ErrorAction SilentlyContinue
        if ($SPProfile -ne $null)
        {
          if ($SPProfile.UserProfileProperties.AboutMe -eq "")
            {
               $NoAMUsers += $user
            }
        }
}

And, finally we can export the SharePoint result to a CSV through below part.

$NoAMUsers | Select DisplayName, UserPrincipalName | Export-Csv -Path "C:\Tools\reports\NoAMUsers.csv" -NoTypeInformation

If you need to obtain a similar report on other user criteria’s, here are the other articles of this series which would help you to achieve it.

  1. Find and export list of users with no Manager Name set in Office 365 profile:
  2. Find and export list of users with no Manager Name set in Office 365 profile:
  3. Find and export list of users with no Profile Picture set in Office 365 Account:
  4. Find and export list of users with no Birthday set in Office 365 profile:
  5. Find and export list of users with no Country set in Office 365 Profile:
  6. Find and export list of users with no Department set in Office 365 Profile:
  7. Find and export list of users with no Skills Defined in Office 365 profile:
  8. Find and export the list of users who has not completed About Me section in their Office 365 profile

DISCLAIMER NOTE: This is an enthusiast post and is not sponsored by Microsoft or any other vendor.