You can use Windows PowerShell to perform a variety of tasks in Azure, either interactively at a command prompt or automatically through scripts. Azure PowerShell is a module that provides cmdlets to manage Azure through Windows PowerShell. You can use the cmdlets to create, test, deploy, and manage solutions and services delivered through the Azure platform. In most cases, you can use the cmdlets to perform the same tasks that you can perform through the Azure Management Portal. For example, you can create and configure cloud services, virtual machines, virtual networks, and websites.
Prerequisites for using Azure PowerShell
- Azure is a subscription-based platform. This means that a subscription is required to use the platform.
- The Azure PowerShell modules require Microsoft .NET Framework 4.5
When you install the module, the installer checks your system for the required software and installs all dependencies, such as the correct version of Windows PowerShell and .NET Framework.
How to: Install Azure PowerShell
You can download and install the Azure PowerShell modules by running the Microsoft Web Platform Installer. When prompted, click Run. The Web Platform Installer installs the Azure PowerShell modules and all dependencies. Follow the prompts to complete the installation.
The method you use to open either console depends on the version of Windows you’re running:
- On a computer running at least Windows 8 or Windows Server 2012, you can use the built-in Search. From the Start screen, begin typing power. This returns a scoped list of apps that includes Windows PowerShell and Azure PowerShell. To open the console, click either app. (To pin the app to the Start screen, right-click the icon.)
- On a computer running a version earlier than Windows 8 or Windows Server 2012, use the Start menu. From the Start menu, click All Programs, click Azure, and then click Azure PowerShell.
How to: Connect to your subscription
There are two ways to provide your subscription information to Windows PowerShell. You can use a management certificate that contains the information or you can sign in to Azure using your Microsoft account or an organizational account. When you sign in, Azure Active Directory (Azure AD) authenticates the credentials and returns an access token that lets Azure PowerShell manage your account.
To help you choose the authentication method that’s appropriate for your needs, consider the following:
- Azure AD is the recommended authentication method since it makes it easier to manage access to a subscription. With the update in version 0.8.6, it enables automation scenario with Azure AD authentication as well if Organizational account is used. It works with Azure Resource Manager API as well.
- When you use the certificate method, the subscription information is available as long as the subscription and the certificate are valid. However, this method makes it harder to manage access to a shared subscription, such as when more than one person is authorized to access the account. Also, Azure Resource Manager API doesn’t accept certificate authentication.
- Use the Azure AD method
- Open the Azure PowerShell console
- Type the following command:
- In the window, type the email address and password associated with your account.
- Azure authenticates and saves the credential information, and then closes the window.
- Staring from 0.8.6, if you have an organizational account, you can type the following command to bypass the pop up window. This will pop up the standard Windows PowerShell credential window for you to enter your organizational account user name and password.
$cred = Get-Credential Add-AzureAccount -Credential $cred
- If you are using this in an automation script and want to avoid any pop up window, use the following snippet
$userName = "<your organizational account user name>" $securePassword = ConvertTo-SecureString -String "<your organizational account password>" -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential($userName, $securePassword) Add-AzureAccount -Credential $cred
This non-interactive login method only works with organizational account. An organizational account is a user that is managed by your organization, and defined in your organizations Azure Active Directory tenant. If you do not currently have an organizational account, and are using a Microsoft account to log in to your Azure subscription, you can easily create one using the following steps.
- Login to the Azure Management Portal, and click on Active Directory.
- If no directory exists, select Create your directory and provide the requested information.
- Select your directory and add a new user. This new user is an organizational account.During the creation of the user, you will be supplied with both an e-mail address for the user and a temporary password. Save this information as it is used in another step.
- From the management portal, select Settings and then select Administrators. Select Add, and add the new user as a co-administrator. This allows the organizational account to manage your Azure subscription.
- Finally, log out of the Azure portal and then log back in using the new organizational account. If this is the first time logging in with this account, you will be prompted to change the password.
- Use the certificate method
- Sign in to the Azure Management Portal using the credentials for your Azure account.
- Open the Azure PowerShell console
- Type the following command:
- When prompted, download and save the publishing profile and note the path and name of the .publishsettings file. This information is required when you run the Import-AzurePublishSettingsFile cmdlet to import the settings. The default location and file name format is:
- Type a command similar to the following, substituting your Windows account name and the path and file name for the placeholders:
View account and subscription details
To get the available Azure accounts, type:
To get your Azure subscriptions, type:
While trying to migrate mailboxes to Office 365 within a Hybrid configuration, we have run across this error:
“This mailbox exceeded the maximum number of corrupted items that were specified for this request”
The default number of ‘corrupted items’ or ‘large items’ is 10 per mailbox. Once this is reached, the migration will fail.
You can overcome this problem by 2 ways:
1- Run the migration from the Office 365 portal:
- Open the Office 365 portal and browse to the Exchange Admin Center
- choose Recipients
- Then choose Migration
- Then press press on the + sign
- Choose migrate to Exchange Online then press next as below
- Choose Remote move migration then next
- Then select the users you want to migrate , press the + sign
- Search for the user ,choose it then press ADD
- In the next page , just press next
- Choose the name of this migration
- Choose the domain , by default it will be domainame.mail.onmicrosoft.com
- You can move the mailbox and its archive or only move the archive
- Then you can decide the number of the Bad Item and the large item limits
- Choose the recipient to receive the alerts and reports related to this migration batch
- You can start to start this migration patch manually or automatic
- You can also decide to finalize this script manually or automatic
- Then press new
- You can now watch the migration batch Syncing or Completed
2- The other way to do that is using the Power shell commands
- Find Power Shell ,right click to ‘Run as Administrator
- $cred = Get-Credential ( Enter your Office 365 credentials)
- $s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection
- $importresults = Import-PSSession $s -AllowClobber
- $RemoteCredential= Get-Credential (Enter your on premise Exchange credentials)
- New-MoveRequest -Identity <username or mailbox identity here> -Remote -RemoteHostName <hybrid Exchange FQDN> -TargetDeliveryDomain <your target domain e.g. domainname.mail.onmicrosoft.com> -RemoteCredential $RemoteCredential -BadItemLimit 999 -LargeItemLimit 999