Graph PowerShell Scripts for Streamlining IT Helpdesk Operations
Graph PowerShell scripts provide a powerful way to automate routine helpdesk tasks, such as password resets, user account unlocking, and updating user details. In this article, we will explore how to use Graph PowerShell scripts to automate these essential helpdesk operations, including bulk operations.
Why Use Graph PowerShell for IT Helpdesk Operations?
Graph PowerShell is a module that allows IT administrators to interact with the Microsoft Graph API using PowerShell cmdlets. This provides a seamless way to manage Microsoft 365 services and automate tasks, ensuring consistency and efficiency. Here are some benefits of using Graph PowerShell for IT helpdesk operations:
- Automation: Automate repetitive tasks to save time and reduce manual effort.
- Consistency: Ensure that tasks are performed consistently across the organization.
- Scalability: Easily manage large environments with minimal effort.
- Integration: Integrate with other systems and workflows for a unified IT management experience.
M365 User Password Reset
This script allows IT support teams to reset a user's password quickly and securely.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$userPrincipalName = "user@domain.com"
$newPassword = "NewSecurePassword123!"
Update-MgUser -UserId $userPrincipalName -PasswordProfile @{password = $newPassword; forceChangePasswordNextSignIn = $true}
Example Use Case: Automate password resets for users who have forgotten their passwords, ensuring they can regain access to their accounts quickly.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Takes in the $userPrincipalName and $newPassword values.
- Uses Update-MgUser cmdlet to update or reset the user password.
M365 User Account Unlock
This script unlocks a user's account, enabling them to access their services without delay.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$userPrincipalName = "user@domain.com"
Update-MgUser -UserId $userPrincipalName -PasswordProfile @{password = $newPassword; forceChangePasswordNextSignIn = $true}
Example Use Case: Quickly unlock user accounts that have been accidentally locked out, minimizing downtime and improving user productivity.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Takes in the $userPrincipalName of the user whose account is to be unlocked.
- Uses Update-MgUser cmdlet to set the -AccountEnabled property of the user to $true.
Updating User Details
This script updates user details such as phone numbers, department, and job titles.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$userPrincipalName = "user@domain.com"
$phoneNumber = "+1234567890"
$jobTitle = "IT Support Specialist"
Update-MgUser -UserId $userPrincipalName -BusinessPhones @($phoneNumber) -Department $department -JobTitle $jobTitle
Example Use Case: Keep user profiles up-to-date with the latest information, ensuring accurate and current records for all employees.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Takes in the $userPrincipalName of the user whose account is to be updated.
- Takes in the user properties to be updated - like phone number, job title etc., - and passes them to Update-MgUser cmdlet.
M365 Bulk Password Reset
This script resets passwords for multiple users, making it easier to manage large groups.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$users = Import-Csv -Path "users.csv"
foreach ($user in $users) {
Update-MgUser -UserId $userPrincipalName -PasswordProfile @{password = $user.NewPassword; forceChangePasswordNextSignIn = $true}
}
Example Use Case: Efficiently reset passwords for multiple users during a security incident or as part of a regular maintenance routine.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Reads user details from the CSV file using the Import-CSV cmdlet.
- Loops through users and executes Update-MgUser cmdlet to reset their passwords with the new passwords from the CSV file.
Note: The CSV file should contain the UserPrincipalName and NewPassword headers and corresponding values.
M365 Bulk Account Unlock
This script unlocks multiple user accounts in a single operation.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$users = Import-Csv -Path "users.csv"
foreach ($user in $users) {
Update-MgUser -UserId $user.UserPrincipalName -AccountEnabled $true
}
Example Use Case: Unlock multiple user accounts that have been locked due to a widespread issue or during regular account maintenance.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Reads user details from the CSV file using the Import-CSV cmdlet.
- Loops through users and executes Update-MgUser cmdlet and sets -AccountEnabled property to $true for users from CSV file.
Note: The CSV file should contain the UserPrincipalName and corresponding values.
Bulk Updating User Details
This script updates details for multiple users based on data from a CSV file.
Connect-MgGraph -Scopes "User.ReadWrite.All"
$users = Import-Csv -Path "users.csv"
foreach ($user in $users) {
Update-MgUser -UserId $user.UserPrincipalName -BusinessPhones @($user.PhoneNumber) -Department $user.Department -JobTitle $user.JobTitle
}
Example Use Case: Efficiently update the profiles of multiple users when there are organizational changes or during regular data maintenance.
How the Script Works?
The script does the following:
- Installs Microsoft Graph PowerShell Module.
- Connects to Graph PowerShell with the User.ReadWrite.All permission.
- Reads user details from the CSV file using the Import-CSV cmdlet.
- Loops through users and executes Update-MgUser cmdlet and sets -AccountEnabled property to $true for users from CSV file.
Note: The CSV file should contain the UserPrincipalName and corresponding values.
Possible Errors You Might Face
Here are some best practices to keep in mind to make the most of Get-MgUser cmdlet:
- Authentication Failure:: Ensure you have the necessary permissions to execute the script. You need appropriate Graph API permissions, such as User.ReadWrite.All. Make sure to use an account with administrative privileges.
- User Not Found:: The error message "Resource 'user@domain.com' does not exist or one of its queried reference-property objects are not present" appears. Verify that the user principal name (UPN) is correct and exists in the directory. Double-check the CSV file for any typos or incorrect UPNs.
- Incorrect CSV Format: The script fails to process the CSV file, or the error message "The CSV file is not formatted correctly" appears.Ensure the CSV file is correctly formatted with appropriate headers. Use Import-Csv cmdlet to validate the data before using it in the script.
- Rate Limiting:: The error message "Rate limit is exceeded. Try again later." appears. Implement retry logic in your script to handle rate limiting as shown in the script.
Related Articles:
Connect to Microsoft 365 Using PowerShellHow to Create Bulk Users in Office 365 Using Graph PowerShell?
Create Microsoft 365 Group Using Microsoft Graph PowerShell
Block Microsoft 365 User Using Microsoft Graph PowerShell
Assign Microsoft 365 License Using Graph PowerShell
Microsoft 365 User Management Using Graph PowerShell
Checking Group Membership in Microsoft 365
Bulk Assign Microsoft 365 License
Find Inactive Users in Microsoft 365
Using Powershell Graph Search Query
Using Powershell Graph Filter Query
Using Where-Object In Graph PowerShell
Using Expand Property In Graph PowerShell
Using Select Object In Graph PowerShell
Using -Contains Operator In Graph PowerShell
Add User to Multiple Microsoft 365 Groups Using Graph PowerShell
Get Microsoft 365 User Location Using Graph PowerShell
Import Microsoft 365 Groups from CSV File Using Graph PowerShell
Microsoft 365 Group User Import Using Graph PowerShell