Friday, October 18, 2013

Migrate users from on-prem Exchange server to Office 365

Moving users one at a time through the EMC was getting super old so I decided to write a script for it to speed it up. Below is the script that I use to migrate a user from the on-prem Exchange 2010 server to Office 365:

A couple of notes on what the script is doing:

 - You will need to edit the lines in the "Declaring the variables" section to fit your environment
 - Pay attention to the help file at the beginning of the script on how to run the script
 - The first thing the script will do is prompt you TWICE for credentials.
       - Once for Exchange on-prem server (LDAP)
       - Second for Microsoft Online (Office 365)
 - Next it will load all the modules/snapins that you will need during this script
 - Starting the script:

1. First thing that we are going to do is disable Unified Messaging (UM) on the on-prem Exchange server. You can't migrate a user while UM is enabled.
2. License the user in Office 365
3. Set the location for the user to US in Office 365
4. Connect to Microsoft Exchange Online with a new session
5. Create the move request for the user from on-prem to Office 365
6. Sends a conformation email to you once the move has been scheduled.

Here is the script:
(quick note: to run this in bulk, just throw in a FOREACH loop in there before the license part)

# **************************************
# ******** NOTES / Help File ***********
# **************************************

<#
.SYNOPSIS
To migrate users one at a time from on-prem Exchange to Office 365

.DESCRIPTION
This script will migrate one user at a time to Office 365. 
It will disable Unified messaging on the local Exchange server, 
then migrate the user to Office 365.  

.EXAMPLE
SingleUserO365migrate.ps1 -UPN username@domain.com -ext 1234

.NOTES
Assumptions - This script is being ran from a server that has 
the following PowerShell modules installed: 

  Exchange 2010 / AD / Microsoft Online / Quest AD
  
The parameters that you will need to include in the script are:
  - UPN = The Users EMAIL address
  - ext = The phone ext of the user that you are migrating

.LINK
Script developed by Bob Ausmus (http://bobausmus.blogspot.com)
#>

#**************************************
#************* Parameters *************
#**************************************

Param(
[parameter(Mandatory=$true)][String]$UPN,
    [parameter(Mandatory=$false)][String]$ext,
[parameter(Mandatory=$false)][String]$officelocation
)

#**************************************
#*******Declaring the variables********
#**************************************


#License to be used is $License
$license = "<License pack of your Office 365 License>"

#On Premises CAS Server is: $OnPremCas
$OnPremCas = "<URL of your OWA from On-Prem Exchange Server>"

#Target Delivery Domain is: $TargetDeliveryDom
$TargetDeliverydom = "<URL of your Office 365 domain>"

#Getting the username of the user that is running the script
$curuser = $env:username

#Creditials for on-prem Exchange Server
$onpremcred = $host.ui.PromptForCredential("Domain Login", "Please enter your LDAP username and password", "DOMAIN\$curuser", "")

# Get Local Users Creditials for MS Online
$cred = $host.ui.PromptForCredential("Microsoft Online Login", "Please enter your email address and password", "$curuser@domain.com", "")

# Setting the name of your Exchange Server
$exchangeserver = <insert name of your Exchange server here>

# Setting for email report
$ToEmail = "to@domain.com"
$FromEmail = "from@domain.com"
$Subject = "Subject for email"
$smtpserver = "mail.domain.com"

#**************************************
#***********Helper Functions***********
#**************************************


# Countdown Function
function CountDown($waitMinutes) {
    $startTime = get-date
    $endTime   = $startTime.addMinutes($waitMinutes)
    $timeSpan = new-timespan $startTime $endTime
    write-host "`nSleeping for $waitMinutes minutes..." -backgroundcolor black -foregroundcolor green
    while ($timeSpan -gt 0) {
        $timeSpan = new-timespan $(get-date) $endTime
        write-host "`r".padright(40," ") -nonewline
        write-host $([string]::Format("`rTime Remaining: {0:d2}:{1:d2}:{2:d2}", `
            $timeSpan.hours, `
            $timeSpan.minutes, `
            $timeSpan.seconds)) `
            -nonewline -backgroundcolor black -foregroundcolor green
        sleep 1
        }
    write-host ""

    }
cls

#*************************************
#*****Checking PowerShell Modules******
#**************************************

# Inserting some blank lines to make the script prettier
write-host 
write-host

# Exchange Module Check

write-host "Checking to see if the Exchange Management PowerShell is installed"
if ((get-pssnapin -name Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "Microsoft.Exchange.Management.PowerShell.E2010") 
{
write-host Exchange Management PowerShell is not added to this session, adding it now...
    Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue
. $env:ExchangeInstallPath\bin\RemoteExchange.ps1 
Connect-ExchangeServer $exchangeserver -AllowClobber
}
else
{
write-host Exchange Management PowerShell is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}

write-host 
write-host

# AD Module Check

write-host "Checking to see if the Active Directory PowerShell module is installed"
if ((get-module -name ActiveDirectory -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "ActiveDirectory")
{
write-host ActiveDirectory Management PowerShell is not added to this session, adding it now...
import-module activedirectory
}
else
{
write-host Active Directory PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}

write-host 
write-host

# Microsoft Online Module Check

write-host "Checking to see if the Microsoft Online PowerShell module is installed"
if ((get-module -name MSOnline -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "MSOnline")
{
write-host Microsoft Online Management PowerShell is not added to this session, adding it now...
import-module MSOnline
connect-msolservice -credential $cred
}
else
{
write-host Microsoft Online PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}

write-host 
write-host

# Quest AD Module Check

write-host "Checking to see if the Quest AD PowerShell module is installed"
# <old> if (Get-PSSnapin | where {$_.Name -eq "Quest.ActiveRoles.ADManagement"})
if ((get-pssnapin -name Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "Quest.ActiveRoles.ADManagement")
{
write-host Quest AD Management PowerShell is not added to this session, adding it now...
    Add-PSSnapin Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue
}
else
{
write-host Quest AD PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}

write-host 
write-host

#**************************************
#*********Starting the script**********
#**************************************

write-host "Disabling UM for $UPN" -backgroundcolor cyan -foregroundcolor black
$User = $UPN -replace "@domain.com", ""
Disable-UMMailbox -Identity $User -Confirm:$false

# Enable License and Location in MS Online Office 365

# Setting the location for the user in Office 365 to be "United States"
write-host "Setting Usage Location for $UPN to United States" -backgroundcolor cyan -foregroundcolor black
if (get-msoluser -UserPrincipalName $UPN | where {$_.UsageLocation -ne "US"})
{
write-host Setting the location for $UPN to US
set-msoluser -userprincipalname $UPN -usagelocation US
}
else
{
write-host "The location is already set to US, skipping this step"
start-sleep -s 2
}

write-host

# Setting the License for the user to be the proper license in Office 365 
    write-host "Setting License for $UPN to $license" -backgroundcolor cyan -foregroundcolor black
    if (get-msoluser -UserPrincipalName $UPN | where {$_.isLicensed -ne "True"})
    {
        write-host Setting the License in Office 365 for $UPN
        set-msoluserlicense -UserPrincipalName $UPN -Addlicenses $license 
    }
    else
    {
        write-host $UPN already has the $license set, skipping this step
        start-sleep -s 2
    }
write-host

write-host
write-host "Connecting to the Microsoft Online Exchange Server(s)"
# Enabling UM on the mailbox in Office 365 Exchange Environment
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $cred -Authentication Basic -AllowRedirection
import-pssession $session -prefix o365

write-host
write-host "Creating Mailbox Move Request for $UPN" -backgroundcolor cyan -foregroundcolor black
new-o365moverequest -Identity $UPN -Remote -RemoteHostName $OnPremCas -RemoteCredential $onpremcred -TargetDeliveryDomain $TargetDeliveryDom -BadItemLimit 100 -LargeItemLimit 49
Send-MailMessage -To $ToEmail -From $FromEmail -Subject $Subject -SmtpServer $smtpserver -body "$UPN is being moved to Office 365. They are in $officelocation."
write-host
write-host
exit-pssession
write-host "**** The script is complete ****"  -backgroundcolor green -foregroundcolor black


# *****************************************************************
# ****************THIS IS THE BOTTOM OF THE SCRIPT*****************
# *****************************************************************

PowerShell Module and SnapIn Checks

One of the companies that I do a lot of work for uses Office 365 and everything they do is in bulk. Going through the portal to do anything is time consuming for everyone so I have been writing PowerShell scripts to automate as much as possible. The most common thing that I found is that I have to load the following modules and snapin's almost every time I run a script or a command. So rather than opening up several PowerShell windows to accomplish this task, I just load all the modules in the one window and proceed from there.

Here is the script that I put in place for loading all the modules for the following products:

- Exchange 2010
- Active Directory
- MS Online (Office 365)
- Quest AD Tools

The script does a check first to see if you have the module/snapin already loaded. If so, then it will skip to the next one. If not, then it will load the module/snapin. 

# Exchange Module Check
write-host "Checking to see if the Exchange Management PowerShell is installed"
if ((get-pssnapin -name Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "Microsoft.Exchange.Management.PowerShell.E2010")
{
write-host Exchange Management PowerShell is not added to this session, adding it now...
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue
}
else
{
write-host Exchange Management PowerShell is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}
write-host
write-host


# AD Module Check
write-host "Checking to see if the Active Directory PowerShell module is installed"
if ((get-module -name ActiveDirectory -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "ActiveDirectory")
{
write-host ActiveDirectory Management PowerShell is not added to this session, adding it now...
import-module activedirectory
}
else
{
write-host Active Directory PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}
write-host
write-host



# Microsoft Online Module Check
write-host "Checking to see if the Microsoft Online PowerShell module is installed"
if ((get-module -name MSOnline -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "MSOnline")
{
write-host Microsoft Online Management PowerShell is not added to this session, adding it now...
import-module MSOnline
connect-msolservice -credential
}
else
{
write-host Microsoft Online PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}
write-host
write-host



# Quest AD Module Check
write-host "Checking to see if the Quest AD PowerShell module is installed"
if ((get-pssnapin -name Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue | foreach { $_.Name }) -ne "Quest.ActiveRoles.ADManagement")
{
write-host Quest AD Management PowerShell is not added to this session, adding it now...
Add-PSSnapin Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue
}
else
{
write-host Quest AD PowerShell module is good to go. -backgroundcolor black -foregroundcolor green
start-sleep -s 1
}