Tag Archives: PowerShell

Connect-PnPOnline with certificate stored in Azure Key Vault

# cert stored in KeyVault
$orgName = "orgname"
$tenant = "$orgName.onmicrosoft.com"
$adminUrl = "https://$orgName-admin.sharepoint.com"
$clientID = "xxxx5b29-xx3d-xx0d-9axx-exxxxxxxxxfx"
$VaultName = 'AutomationVaultName'
$certName = 'CertificateName'
$secretSecureString = Get-AzKeyVaultSecret -VaultName $vaultName -Name $certName 
$secretPlainText = ConvertFrom-SecureString -AsPlainText -SecureString $secretSecureString.SecretValue
$secretByte = [Convert]::FromBase64String($secretPlainText)
$x509Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($secretByte, "", "Exportable,PersistKeySet")

Connect-PnPOnline -Url $adminUrl -ClientId $clientID -Certificate $x509Cert -Tenant $tenant 

Based on:

https://docs.microsoft.com/en-us/powershell/module/az.keyvault/get-azkeyvaultcertificate?view=azps-5.3.0

https://stackoverflow.com/questions/43837362/keyvault-generated-certificate-with-exportable-private-key

Yammer API with PowerShell: Private groups and messages

As an Office 365 administrator, I would like to get some reports on Yammer with PowerShell. How it’s done?

Patrick Lamber wrote a good article here: “Access the Yammer REST API through PowerShell“. The only I would add (important!) is:

By default, even with a Verified Admin token, you do not have access to private messages and private groups content.
To get private stuff, you need select “Private Content Mode” under Yammer Admin Center -> Content and Security -> Content Mode:

Check Microsoft: “Monitor private content in Yammer” and
Yammer: “Verified Admin Private Content Mode

If you do not have “Private Content Mode” set up, you might see some weird “Invoke-WebRequest” errors like:

Long-running PowerShell Office 365 reports

(WIP)

PowerShell is our best friend when it comes to ad-hoc and/or scheduled reports in Microsoft 365. PnP team is doing great job providing more and more functionality with PnP PowerShell module for Office 365 SharePoint and Teams.

Small and medium business organizations are mostly good, but for large companies it might be a problem due to just huge amount of data stored in SharePoint. PowerShell reports on all users or all sites might run days… which is probably OK if you run this report once, but totally not acceptable if you need this report e.g. daily/weekly or on-demand.

How can we make heavy PowerShell scripts run faster?

Of course, you start with logic (algorithm) and leveraging full PowerShell functionality.

(examples)

Parallelism

What if you did everything, but it still takes too long?
– Automation account runbook (+workflow)
– PowerShell 7 parallelism
– Azure VM in the region closest to your Tenant

TBC

References
PnP PowerShell