Apply email policies in Teams with PowerShell
A feature like priority notifications in Teams needs to be flexible based on the company’s user profiles.
In the Teams Admin Center, you can only assign policies to a maximum of 20 users at a time:
Additionally, when you’re looking for users to assign policies to, you’ll find that filtering them isn’t easy. Instead, you’ll have to manually select a small number of people and then assign them the policy. If you’ve created a number of policies and have a large number of users, this will be time-consuming.
Simplify things using PowerShell
Using PowerShell to make these changes allows you to make mass changes with relative ease. You can use the Grant-CSTeamsMessagingPolicy cmdlet to apply the policy to users. We’ll use this in combination with filtering the results of Get-CSOnlineUser.
First, you need to install the Skype for Business Online PowerShell module. Yes, it’s for Teams – you read that right. If you need to install it, you can read our guide here.
After launching a new PowerShell session, connect to Skype for Business Online using the following PowerShell:
Import-Module SkypeOnlineConnector$Session = New-CsOnlineSessionImport-PSSession $Session
Once logged in, we have access to the range of PowerShell cmdlets for managing Teams as a service. But not for the individual teams themselves – to do that, we need the PowerShell Teams module.
For our purposes, we will only need access to control Teams messaging policies.
To grant a messaging policy to a single user, use the Grant-CsTeamsMessagingPolicy method with the Identity and PolicyName parameters.
Grant-CsTeamsMessagingPolicy -Identity "<UserUPN>" -PolicyName "<Policy Name>"
In the example above, we granted my access to the Power Users of the email policy.
But what if you want to apply this policy en masse? One option is to provide a list of emails for each policy as a CSV file and use Import-CSV to import it.
Another option is to use existing attributes to find the right users. Using Get-CSOnlineUser, you can display a list of available attributes for each user. These include useful properties such as
- the title,
- the city,
- the person in charge,
- the description,
- the company,
- the country or region,
- the display name
- the department.
Example
We’ll use Department in the example below and grant everyone in the Development department the Power Users policy.
To do this, we’ll use Get-CSOnlineUser with the Filter parameter and specify {Department -eq ‘Development’}. This will retrieve all users whose department name is equal to “Development”:
Get-CsOnlineUser -Filter {Department -eq 'Development'}| Select UserPrincipalNameTo ensure readability, we’ll pipe the returned output into Select and display only the UserPrincipalName. This makes it a little easier to judge whether we received the correct information back:
If we’re sure we’ve selected the right users, we can then use the same cmdlet again. But this time, it sends the result directly to Grant-CSTeamsMessagingPolicy:
Get-CsOnlineUser -Filter {Department -eq 'Development'}| Grant-CsTeamsMessagingPolicy-PolicyName "PowerUsers"
After granting the policy to users, it may take a few minutes for the results to appear. So after a few minutes, we can run a slightly modified version of the first cmdlet. This selects the users and this time filters based on TeamsMessagingPolicy:
Get-CsOnlineUser -Filter {TeamsMessagingPolicy-eq 'Power Users'}| Select UserPrincipalNameIn the example above, we retrieve all users who have the Power Users custom policy and display their details. This should allow us to verify that the policy is being applied to these users:
Conclusion
In this article, we used PowerShell to apply an existing custom email policy to users. In this case, we’re using it to easily enable/disable priority notifications for large groups of users, based on department.
