Office365

This one-liner will download the Office 365 IP list XML file and extract the IPv4 addresses for EOP and Exchange Online.

Azure conditional access provides flexible control over access to Office 365 resources and services based on location/user group membership/device etc. If you set up conditional access rules, any user who doesn’t have an Azure AD Premium license will not be affected by them - access is permitted by default! How to work around this without manually assigning licenses to every user or using a dodgy script? Azure AD has a capability called Dynamic Groups.

Azure conditional access provides amazingly flexible control over access to Office 365 resources and services based on location/user group membership/device etc. Leveraging it to block access generally requires EMS (Enterprise Mobility + Security) licenses for all users. This short script will assign EMS licenses to all users in your tenant who are licensed but do not have EMS yet.

Two quick scripts to convert between ImmutableIDs and AD Objects with pipeline capability.