How to Disable Exchange Online PowerShell access of a User

Every user in your Office 365 is able to access Office 365 via PowerShell. Some of you think that this is a security gap. Actually, it is not. Although users are able to access to Office 365 via PowerShell, that doesn’t mean that they have Administrative rights to perform administrator tasks.

Generally, we use RBAC to give administrator right to IT team and they got Administrative PowerShell rights.

Sometimes, IT managers request that Helpdesk team may have admin access to GUI not PowerShell. They are trying to avoid some accidents:)

You may use below command to disable PowerShell access on a particular user.

to understand that the user has access, run below command in Exchange Online PowerShell

get-user -Identity “Test User” | FL RemotePowerShellEnabled

Result:

RemotePowerShellEnabled : True

In order to disable it, run below command

set-user -Identity “Test User” -RemotePowerShellEnabled $false

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: