User account management in Office 365 is the most important in ensuring your organization’s security. Every organization should possess a hierarchy for employees to work efficiently. And in Office 365, “Managers” keep track of their Office 365 users and make them access certain services like SharePoint, OneDrive, etc. So, it is quite crucial to set up the manager for Office 365 users.
How to Set up an Office 365 Manager?
Assigning a manager to a user can be done in different ways:
- Setting up via different admin portals.
- Setting up via PowerShell.
Using UI: Though setting up with all the admin portals may seem simple, a large enterprise has trouble assigning a manager to every user. Admin portals do not provide the option of assigning managers to multiple users at once, so this process takes quite a long time. Thus, UI mode is not a good choice for large enterprises for managing the users in Office 365.
Using PowerShell: PowerShell always stands on by being a good tool for Administrators to manage Office 365 services. With PowerShell, Office 365 Manager could be assigned.
Set-AzureADUserManager – updates the manager for a user in the Azure Active Directory.
Set-AzureADUserManager -ObjectID <UserObjectID> -RefObjectid <ManagerObjectId>
But, here comes the drawback, to set up a manager for Office 365 users based on the user’s specific property such as department, job title, usage location, etc., you need to depend upon multiple filters and cmdlets to get the desired result.
Assign Manager for Microsoft 365 Users Based on User Properties:
Take the following case where you must assign managers only to the “guest users” of the “United States“. Seems quite a complex task, doesn’t it?
Yes, it is! And here, Our PowerShell script comes in handy. The script lets you filter between specific user properties and assign a manager. Use our script to set up a manager in Office 365 for multiple users, with no complications! Isn’t that cool to hear?
Script Download: SetAzureADUserManager.ps1
- Assigns Manager in Office 365 by using more than 10+ user properties, such as filtering by department, job title, and city.
- Furthermore, to assign a manager on a highly-filtered basis. You can use these parameters.
- ExistingManager – overrides your existing manager
- ImportUsersFromCsvPath – assign a manager to the bulk users through the CSV input file.
- ProcessOnlyUnmanagedUsers – assign a manager to unmanaged users in the specific user property.
- GetAllUnmanagedUsers – assign manager to all unmanaged users.
- Automatically, downloads a CSV file. The CSV file contains the usernames that match the given condition.
- Credentials are passed as parameters, so worry not!
- Generates a log file that contains the result status of your manager assignment.
How to Execute the Script?
To run this script, you can choose any one of the below methods.
Method 1: You can use the below method to run the script with both MFA and non-MFA accounts.
Method 2: To run a script non-interactively (i.e., Scheduler-friendly), you can use the below format.
.\ SetAzureADUserManager.ps1 -UserName [email protected] -Password XXX
CSV File – List of Users That Matches given Condition:
As mentioned previously, it exports a CSV file containing a list of users who match the given filter criteria. With the help of the exported CSV file, you can verify whether the inputs are correct or not.
And above all, this script makes everything easier by generating a log file along with it. The log file holds the success rate of the action you performed. By referring to this file, the admin can easily figure out whether the manager is actually assigned or any error has been notified.
Occasionally, a glitch in the Azure AD or a network issue will result in the partial assignment of the manager to your Office 365 account. With the assistance of the log file, you will also be informed of the partial assignment.
The below screenshot is an example of a ‘manager assignment log file’.
More Use case of the Script:
Our script supports in-built filtering parameters to assign manager based on the requirement. We have listed few of the use cases below.
- Assign manager based on user properties.
- Replaces existing manager with a new manager.
- Assign a manager to users in a CSV file.
- Set up manager to unmanaged users based on the user properties
- Assign manager to all the unmanaged users
Assigning Manager Based on User Properties:
This script provides the advantage of filtering your users based on certain user properties and assigning them to the manager. You can assign a manager based on the following user properties.
You can assign an Azure AD Manager by crisscrossing any of the above properties and setup.
For example: If you want to set up an Azure AD manager named “Emma” for the “Guest users” located in the “United States”.
You can set it up as shown in the below screenshot.
Replace Existing Manager With a New Manager in Office 365:
ExisitingManager- Replaces the existing manager with a new Manager in Office 365.
For an instance: Assume that “Lucas” is your manager for Office 365. Now you must replace the existing manager with a new manager, “Emma”
In this case, you can use the “-ExistingManager” parameter to replace the existing manager with a new manager.
.\SetAzureADUserManager.ps1 -ExistingManager <UPN> -ManagerId <ManagerObjId>
Assign Manager to Bulk Users (Input CSV):
ImportUsersFromCsvPath – This parameter assigns the manager to the list of users available in the CSV file.
- The CSV file should have the User Principal Name (UPN) with the header ‘username‘ based on which the manager will be assigned.
- Run the script with the parameter “ -ImportUsersFromCsvPath” along with the path to your CSV file and assign managers to the specific users.
.\SetAzureADUserManager.ps1 -ImportUsersFromCsvPath “C:\Windows\ImportUserFromCsvPath.csv” -ManagerId <ManagerObjectId>
Assign Manager to Unmanaged Users Based on the User Properties:
ProcessOnlyUnmanagedUsers – In some cases, you may override the existing manager when assigning a manager based on the specific user property. To avoid this kind of issue while assigning, use the “-ProcessOnlyUnmanagedUsers” parameter to set up managers only to users with no manager.
For example: If you want to set up an Azure AD manager named “Emma” for the “Guest users” located in the “United States” but with a condition to exclude the managed users and assign only to the “Unmanaged users”.
This function could be performed as shown below.
The above example assigns a manager to only unmanaged guest users in the US location.
Suppose, if you want to assign a manager to all the unmanaged users in your Office 365 rather than assigning managers based on the user properties. You can make use of the parameter “-GetAllUnmanagedUsers” and assign a manager to all the users with no manager.
Assign Manager to All the Unmanaged Users:
GetAllUnmanagedUsers – This parameter finds all users with no manager, exports them to a CSV file, and assigns them a manager. Thus, this helps in tracing out all the users with no manager.
.\SetAzureADUserManager.ps1 -GetAllUnmanagedUsers -ManagerId <RefObjId>
Thereby, this script helps to assign managers to all the unmanaged users and also assign managers to the users refined by specific properties.
Coming to an end, to get an overall experience on how to assign managers to your users, do use our script and manage your Office 365 users effectively.
Having assigned a manager, you’ll need to export your Office 365 user manager report and direct reports. You can export, Office 365 users’ manager report, which contains manager and direct reports information of the users.