Wednesday, 9 September 2015

Delegate Rights Management Role in Office 365

In this article, we will cover how to delegate rights management role to a user

Only a Global Administrator can activate Rights Management Service in Office 365

To find how to Activate Rights Management, Click Here

Launch the Azure Active Directory Rights Management Powershell Module

Connect to Rights Management Service , enter your global admin credentials

connect-aadrmservice

To see who all have Rights Management Administrator Role,

get-aadrmrolebasedadministrator

To delegate Rights Management Admin, use this

add-aadrmrolebasedadministrator -emailaddress "johnsmith@contoso.com"

Activate Rights Management in Office 365

In this Article, we will cover the different options available to activate Rights Management.

Rights Management service can be integrated with 


  • Exchange Online
  • SharePoint Online 
  • Office 


There are two ways in which you activate rights management in Office 365.


  • Using Office 365 Admin Center 
  • Using Powershell

Note: Only a Global Administrator can activate Rights Management

Using Office 365 Admin Center:

Login to Office 365 Admin Center, Go to Services from the left hand panel

Click on Rights Management > Manage > Activate 



Using Powershell:

To Activate using Powershell, you will need to install the Azure Rights Management Administration Tool  i.e.  Windows Azure Rights Management Admin  Powershell module

Connect to Microsoft Online Service

Connect-Msolservice

Import the Rights Management Module

Import-module aadrm

Connect to Rights Management Service 

connect-aadrmservice

To Activate rights Management

Enable-aadrm

Now to Disconnect ,

disconnect-aadrmservice

Add , Remove , Get , Set Groups in Office 365

In this Article, we will cover the Powershell commands available from high level in Office 365 for Groups.

There are four types of msolgroup Commands available for Groups 

  • Adding a Group > New-MsolGroup
  • Removing a Group > Remove-MsolGroup
  • To update the Group Security > Set-MsolGroup
  • Get a Group details > Get-MsolGroup

For more information on the commands, refer to technet

Restore User in Office 365

In this Article, we will cover how to restore a user  using PowerShell in Office 365. 

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell, please refer to Microsoft TechNet Article.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , and enter your credentials

Connect-msolservice 

When a user is removed, it goes into Recycle Bin where it's available for 30 days and is recoverable within 30 days from the time of deletion.

Once you are connected, you can use the following command to restore a user

To Get a list of removed users,

Get-MsolUser–returndeletedusers

To Restore a User,

Restore-MsolUser –UserPrincipalName JohnSmith@contoso.com

Remove User in Office 365

In this Article, we will cover how to remove users using PowerShell in Office 365. Users can be removed using Office 365 Admin Center as well.

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell, please refer to Microsoft TechNet Article.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , and enter your credentials

Connect-msolservice 

Once you are connected, you can use the following command to remove a user

To Remove a User,

Remove-MsolUser –UserPrincipalName JohnSmith@contoso.com

This will prompt to remove any licenses that are assigned to the user. Once the account is removed, the user account is recoverable within 30 days from recycle bin

To Remove a User from Recycle Bin i.e. permanently delete

Remove-MsolUser –UserPrincipalName JohnSmith@contoso.com -RemoveFromRecycleBin

Adding Users in Office 365


There are various ways in which users can be added in Office 365. You can add the users using the following ways

  • Office 365 Admin Center
  • Bulk Import using CSV Files
  • Directory Sync
  • PowerShell

In this Article, we will cover how to add users using PowerShell

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , pand enter your credentials

Connect-msolservice 

Once you are connected, you can use the following command to create a new user
New-MsolUser –UserPrincipalName “JohnSmith@Contoso.com”–Displayname “John Contoso” –Fristname “John” – Lastname “Smith”

Note:  the user account will be created , a random password is generated,  in Windows Azure Active Directory but no licenses are assigned to the user. 

Some other commands to get some help, which I find really helpful are:

For Help > Get-Help  New-MsolUser

For Examples > Get-Help New-MsolUser –examples 

Fore More Information > Get-Help New-MsolUser –detailed 

For Technical Information > Get-Help New-MsolUser –full  

For Online help > Get-Help New-Msoluser –online