Office 365 Security and Compliance Center Powershell

Photo by Philipp Katzenberger on Unsplash

Office365 Security and Compliance Center Powershell allows you to manage your Office365 Security and Compliance Settings from the command line.

Important Note: There are different commands for connecting to Security and Compliance when you’re on Multi-Factor Authentication (MFA) and to Exchange Online Protection (EOP) standalone.

Note: You only need to set execution policy once. If you already performed this before, you may skip this section.

Set Execution Policy

Step 1: Open Windows Powershell and run it as an administrator

Step 2: Require all Powershell scripts downloaded from the internet are signed by a trusted publisher

Set-ExecutionPolicy RemoteSigned

If you haven’t done this step, you’ll get the following error:

“Files cannot be loaded because running scripts is disabled on this system. Provide a valid certificate with which to sign the files.”

Connect to Office 365 Security and Compliance Center

Be reminded that the following procedures won’t work if:

• Your organization uses federation authentication
• The global administrator you’re using is synchronized with active directory
• A location condition in an Azure Active Directory conditional access policy restricts your access to trusted IPs

Well, if you’re sure that those conditions do not apply, let’s go ahead and connect to Office 365 Security and Compliance Center.

Step 1: Enter your Office365 Global Administrator

$UserCredential = Get-Credential

Step 2: Create a new session

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

Connection URI values:

• For Office365 Germany https://ps.compliance.protection.outlook.de/powershell-liveid/
• For Office365 Government Community Cloud High (GCC High)
  https://ps.compliance.protection.office365.us/powershell-liveid/

If you want to connect to Security and Compliance Center Powershell in the same window as an active Exchange Online PowerShell connection, you need to add the Prefix parameter and value (for example, -Prefix “CC”) to the end of this command to prevent cmdlet name collisions. Both environments share some cmdlets with the same names.

Step 3: Import Session

Import-PSSession $Session -DisableNameChecking

Always make sure to disconnect your session once you’re finished because you could use up all the Powershell available to you and need to wait for the session to expire.

Step 4: Remove Session

Remove-PSSession $Session

Connect to Security and Compliance Center Powershell using MFA

Step 1: Download the Exchange Online Remote Powershell Module

• Web download: https://cmdletpswmodule.blob.core.windows.net/exopsmodule/Microsoft.Online.CSE.PSModule.Client.application
• Or download it manually by going to
  Exchange Admin Center > Hybrid Set up > Configure

Exchange Admin Center > Hybrid Set up > Configure

Here are some important things to note:

• If you notice, you download the same module when connecting to Exchange Online and Security and Compliance Powershell using MFA. However, you cannot use the same window for two different sessions. You need to use separate sessions of the Exchange Online Remote Powershell Module.
• Delegated Access Permission (DAP) partners cannot use these procedures for their customer’s tenant. MFA and Exchange Online Remote Powershell Module won’t work with delegated authentication.
• Exchange Online Remote Powershell Module is not supported in Powershell core (macOS, Linux, or Windows Nano Server). As a workaround, you can install a module a computer that’s running a supported version of windows and use remote desktop software to connect.

Step 2: Create a session to connect to Security and Compliance Center

Connect-IPPSSession -UserPrincipalName jj@jj365.com

• Enter your Office365 global administrator credentials and verify the code that is sent to your phone for authentication

Different URI values to connect to Office365 Security and Compliance Center

Connect to Security and Compliance Center in Germany

Connect-IPPSSession -UserPrincipalName lukas@fabrikam.com -ConnectionUri https://ps.compliance.protection.outlook.de/PowerShell-LiveID -AzureADAuthorizationEndPointUri https://login.microsoftonline.de/common

Photo by Anton Shuvalov on Unsplash

There you have it! You should be able to connect to your Office365 Security and Compliance Center using Powershell. Of course, with some exceptions as stated in this blog.

I hope you’ve learned a thing or two as I did when I encountered the same issues. See you on the next blog!

Thank you ❤