Skip to main content

Posts

Showing posts from July, 2020

Graph Basics Get the User Photo and save it to a file (and resize it) with PowerShell

This is part 2 of my Graph Basic's series and this post is born out of an actual need that I had over the last week which was to get a user photo from the Microsoft Graph and save it as a custom size and different image type. Like many things there are multiple ways of doing this but the Microsoft Graph GetPhoto endpoint  is pretty straight forward and delivers the image in one of the following formats 48x48, 64x64, 96x96, 120x120, 240x240, 360x360, 432x432, 504x504, and 648x648. Because I wanted to use the photo on a Elgato stream deck  this required the size be 72x72 so I needed some extra code to do the resize of the photo and change the format from a jpeg to png. Getting the user-photo from the Microsoft Graph  Before you can get the user's photo from Microsoft Graph you need to make sure the application registration you are using has one of the following permissions User.Read, User.ReadBasic.All, User.Read.All, User.ReadWrite, User.ReadWrite.All Then after you have o...

Modifying your Exchange Online PowerShell Managed Code to use oAuth and MSAL

While not as popular these days many .net developers may have in the past used Managed code to run Exchange Online PowerShell cmdlets to do things like assign Mailbox Permissions or run other EXO PowerShell Cmdlets to get reporting information where no other alternatives where available (or are still available). The majority of these code bases are most likely using basic authentication using something like Or maybe some of the examples in  https://docs.microsoft.com/en-us/exchange/client-developer/management/how-to-get-a-list-of-mail-users-by-using-the-exchange-management-shell In this post I'm going to cover how to change your existing code, you might want to consider however making use of some of the new ExchangeV2 Powershell module functionality to improve performance and security . But to migrate existing code to use oAuth from Basic Authentication is relatively straight forward You will need some code to do the Authentication, for this I'm going to use the MSAL library ...

Using 2 Authentication factors (for MFA) in an unattended PowerShell Script

MFA (Multi Factor Authentication) is great at making the Authentication process more secure in Exchange Online but can be challenging in Automation scenarios. I originally wrote this code for something that I wanted to run unattended on a RasberryPi that was running PowerShell that i wanted to use MFA on and where i wanted to avoid going down the path of using the 90 day RefreshToken/device code method and I also didn't want to use App Authentication via Certificates or Client Secrets. Interestingly while i was writing this post Microsoft just announced Certificate based Modern Auth in Exchange Online PowerShell  https://techcommunity.microsoft.com/t5/exchange-team-blog/modern-auth-and-unattended-scripts-in-exchange-online-powershell/ba-p/1497387   .  This article also links to the Secure App Model  https://docs.microsoft.com/en-us/powershell/partnercenter/multi-factor-auth?view=partnercenterps-3.0#exchange  which is the way Microsoft are recommending you handle...
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.