PowerShell Install-Module: The term ‘Install-Module’ is not recognized

PowerShell error : Install-Module: The term ‘Install-Module’ is not recognized as the name of a cmdlet.
This error Is Manly Because Of The Limitation of cmdlet and resource available on Machine.

This Gallery TechNet Will help you to resolve The Error” Install-Module: The term ‘Install-Module’ is not recognized as the name of a cmdlet.”
While Performing This Step We Need to restart the system So Request You to Save Any unsaved Document Before Following the Below Steps.
To Resolve This We Need to Update. Windows Management Framework 5.1 with the Help of Below Link

https://www.microsoft.com/en-us/download/details.aspx?id=54616
*Tested on Client Machine

Step 1 : Run the PowerShell as Administrator.

 

Step 2 : When We try the Command Install-Module msonline
PS C:\Users\Administrator>Install-Module msonline
It Givens Error
Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file,or operable program.
Check the spelling of the name, or if a path was included,verify that the path is correct and try again.
At line:1 char :1
+Install-module msonline



Step 3 : To Check the Host version Type Host

PS C:\Users\Administrator>HOST

 

Step 4 :if the Host Version 4.0 or Below That Need to Download And Install the Windows Management Framework 5.1

Need to Update. Windows Management Framework 5.1 with the Help of Below Link

https://www.microsoft.com/en-us/download/details.aspx?id=54616
* Note :When We Download and install windows Management Framework 5.1. it Will restart the Machine So please Save any unsaved Document.


Step 5 : Choose the Download you want as per Your Operating System.

Step 6 : Once we Restart the Machine Than Run the PowerShell as Administrator again.

Step 7 : We can Confirm if the HOST Version is Updated to 5.1

How to Enforce Multi-Factor Authentication for All Users of Your Office 365 Subscription

Multi-Factor Authentication (MFA) is a great security tool, and we always recommend it. Office 365 admins can enforce MFA for users, which means you can help protect anyone sharing your Office 365 business subscription.

To do this you’ll need to be an Office 365 administrator, which only happens with a business plan. If your Office 365 subscription comes as part of a domain hosting package, then you’ll have access to the Admin console. However, if you’ve just purchased a personal subscription (or home subscription for your family), then you won’t have access to the Admin console, and you can only turn MFA on for yourself. If you’re not sure, click the Office 365 app launcher and look for the Admin tile.

The Admin tile on the O365 app launcher

If it’s there, you’ve got access to the Admin console. Click the Admin tile, and on the menu on the left-hand side click Settings > Services and add-ins.

The "Services & add-ins" option in the Admin menu

This opens the Services and add-ins page, where you can make various tenant-level changes. One of the top items will be “Azure multi-factor authentication.”

The "Azure multi-factor authentication" option

Click this, and on the panel that opens on the right, click “Manage multi-factor authentication.”

The "Azure multi-factor authentication" link

This will take you to the multi-factor authentication page. You can immediately turn MFA on for anyone who is using your Office 365 subscription, but, before that it’s best to acquaint yourself with the default settings. To do this, click “Service Settings.”

The "service settings" tab

You can change whatever settings you like, or leave them as the defaults. One potential setting to look at changing is whether or not MFA can be remembered on a device. By default this is off, but turning it on means your family won’t have to go through the MFA process every time they want to check their email or edit a document.

If you switch this on, the default number of days a device can go before having to re-authenticate is 14, which means a phone/tablet/computer will be trusted for 14 days before the user has to go through the MFA process again. Having to go through the MFA process is simple, but having to do it every 2 weeks on every device that your family uses might still be a bit too much and you have the option to set this as high as 60 days.

If you do make any changes to this or any other settings, click “Save” at the bottom to the panel to save the changes, then click “users” to go back to turning on MFA.

The "service settings" options and the "users" tab

Now that you’ve made sure the settings are right, you can enable MFA for each user. Select the users for whom you want to turn MFA.

The users table with a selected user

To the right of the table of users, click the “Enable” option that appears.

The Enable option

On the confirmation screen, click “Enable Multi-Factor Authentication.”

The "enable multi-factor authentication" button

This will enable MFA for the user, and the next time they login to Office 365 on the web, they’ll have to go through a process of setting up MFA. If they don’t log in very often (or you want to make sure you’re around to help them through the process), you can also send them the link from the confirmation screen so that they can set up MFA at a time that suits them. The link is https://aka.ms/MFASetup, which is the same for everyone setting up MFA.

Once you’ve clicked “Enable Multi-Factor Authentication” you’ll see a success message, which you can close.

The "Updates successful" dialogue

MFA is now enabled for the user; now, they need to set it up. Whether they wait until the next time they login, or they use the link we mentioned above, the process for setting up MFA is exactly the same.

Login to your Office 365 account as normal, and a screen will be displayed telling you that “your organisation needs more information to keep your account secure.”

The start of the O365 login process

Click “Next” to be taken to the “Additional security verification” panel, where you can choose your MFA method. We always recommend using an authenticator app, and you’ll have to use Microsoft Authenticator with Office 365. Even using MFA via SMS is still better than not having MFA at all, so choose the method that works best for you in the first dropdown.

The "Additional security verification" panel

We’re going to use a mobile app, which will change the available configuration options. First you need to choose whether to”Receive notifications for verification” (which means a message will pop up on the Microsoft Authenticator app on your phone asking you to approve or deny a login to your account) or whether to “Use verification code” (which means you’ll have to enter a code generated by the Microsoft Authenticator app on your phone when you login to Office 365). Either works fine, and it’s up to you what you choose. After this, you need to click the “Set Up” button to set up the app.

Radio buttons to choose the contact method

At this point a panel will appear telling you to install the Microsoft Authenticator app on your phone and then either scan a QR code or, if you can’t scan the QR code, enter a code and URL instead. Once you’ve done this, click “Next” to go back to the Additional Security Verification window, which will show that the activation status is being checked.

The "Checking activation status" message

This may take a few seconds, and once it’s finished the message will change to show that MFA has been configured.

The successful MFA configuration message

Click Next, and Office 365 will check that everything is working. Depending on what option you selected for verification, it will either send a Deny or Approve message to your app, or ask you to enter a code from the app. In this example, it sent a Deny or Approve message and is waiting for a response.

A message displayed while waiting for you to respond to the test notification

After you’ve verified that MFA is working, you’ll be asked for a phone number in case you lose access to the app.

The mobile phone number text field

This phone number will be used as backup to use SMS or voice calls in the event that you can’t use the Microsoft Authenticator app, such as when you haven’t got Wi-Fi (or you’ve run out of data on your monthly plan, and you’re out and about). It could also be used if you’ve lost your phone, so you might want to choose the number of a family member instead of your own. Once you’ve entered a number, click “Next” to see the final screen.

The app passwordtext box, and Finished button

This page includes a Microsoft-generated password that it will recognize as being created for MFA use. You’ll need to use this password now on rather than the one you normally use, in all of the following apps:

  • Outlook desktop app for your PC or Mac
  • Email apps (except the Outlook app) on an iOS, Android or BlackBerry device
  • Office 2010, Office for Mac 2011 or earlier
  • Windows Essentials (Photo Gallery, Movie Maker, Mail)
  • Zune desktop app
  • Xbox 360
  • Windows Phone 8 or earlier

The next time you try to open any of these apps they’ll ask for your password, so copy it down from here and use it when asked. We can verify that Outlook on your computer needs to use the generated password but the Outlook app on your phone doesn’t, and yes, we find that odd as well, but it’s not a great hardship.

Click “Finished,” and you’ll be taken back to the login screen to login as normal, but this time using MFA. It’s a simple, quick process that provide a valuable layer of extra security, and one that we at How-To Geek strongly recommend.

How to take Azure DNS backup using Azure CLI script

I am also trying to find some easy way rather than complex methods to do via scripts. For Azure we have variety of methods to operate including powershell and CLI. Here we can use the CLI method to export the Azure DNs zone files to txt and we can import them again using very less effort in CLI to restore. For restring refer to the article How to import/export DNS zone file to Azure DNS using CLI here.

You can download the readymade script from the link Azure DNS Zone Imports Script.

cd\

#Login to Azure using CLI with Username and Password
az login -u <Put Username Here> -p <Put Password Here>

#Select Subscription
az account set -s <Put Subscription Name here>

#Set date format to create folder automatically with the date to export zone files
$date = Get-Date
$dateFormat = $date.ToString(“yyyy-MM-dd”)
New-Item -ItemType directory -Path “D\AzureDNSBackup\$dateFormat”

#Use below command to export the each zone file one at a time
az network dns zone export -g “Put Resource Group Name Here” -n “Put zone name here” -f “D:\AzureDNSBackup\$dateFormat\ZoneFileName.txt”

#Export the list of zone files from folder to a file
Get-ChildItem -Path “D:\AzureDNSBackup\$dateFormat\*.txt” | out-file “D:\AzureDNSBackup\$dateFormat\Zone_List.txt”

#Send the zone file list in email for the backup confirmation
$filename = “D:\AzureDNSBackup\$dateFormat\Zone_List.txt”
$smtpServer = “relay Server Name/IP”

$msg = new-object Net.Mail.MailMessage
$att = new-object Net.Mail.Attachment($filename)
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$msg.From = “Sender Email Address here”
$msg.To.Add(“Put Recipeint Email Address Here”)
$msg.Subject = “Daily Azure DNS Zone Backup – $((Get-Date).ToShortDateString())”
$msg.Body = “Daily Azure DNS Zone Backup done to D drive AzureDNSBackup folder on server “ServerName”, Backup Zone List Attached”
$msg.Attachments.Add($att)
$msg.IsBodyHTML = $true
$smtp.Send($msg)

Move-CsUser : Unable to locate Windows Live ID token from the provided credentials, or fr om Active Directory Federation Services (AD FS) credentials cache.

PROBLEM

I am getting below error while trying to move the on-premises lync 2013 user to Skype Online.

O365 Sign in method – Seamless Single Sign-on
ADFS Services – Stopped

ADConnect Sync – OK

Password Write back – Enabled

Move-CsUser -Identity “mailtest@domain.com” -Target sipfed.online.lync.com -Confirm:$false -Verbose

VERBOSE: CN=MailTest,OU=Test,OU=Users,OU=IT,OU……………..DC=local

WARNING: Moving a user from the current version to an earlier version (or to a service

version) can cause data loss.

VERBOSE:CN=MailTest,OU=Test,OU=Users,OU=IT,OU……………..DC=local

Move-CsUser : Unable to locate Windows Live ID token from the provided credentials, or fr

om Active Directory Federation Services (AD FS) credentials cache.

At line:1 char:1

+ Move-CsUser -Identity “mailtest@domain.com” -Target sipfed.online.lync.com -Co …

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo          : InvalidOperation: (CN=MailTest,OU=………..DC=local:OCSAD

User) [Move-CsUser], MoveUserException

+ FullyQualifiedErrorId : MoveError,Microsoft.Rtc.Management.AD.Cmdlets.MoveOcsUserC

mdlet

Move-CsUser : HostedMigration fault: Error=(510), Description=(This user’s tenant is not enabled for shared sip address space.)

PROBLEM

In a Lync hybrid deployment, when you try to move users from the on-premises server that is running Lync to Skype for Business Online (formerly Lync Online) in Office 365, you receive the following error message in Skype for Business Online PowerShell:

Move-CsUser : HostedMigration fault: Error=(510), Description=(This user’s tenant is not enabled for shared sip address space.)

SOLUTION

Before you try to migrate an on-premises Lync user to Skype for Business Online in Office 365, your Office 365 Skype for Business Online organization must be enabled for Shared Session Initiation Protocol (SIP) Address Space.

Set-CsTenantFederationConfiguration -SharedSipAddressSpace $true

 

How to connect to Skype for Business Online PowerShell

The first step is to install the Windows PowerShell Module for Skype for Business Online. For information, go to the following Microsoft website:

After you have the Skype for Business Online Connector module installed, open Windows PowerShell, and then run the following commands:

Import-Module LyncOnlineConnector

 

$cred = Get-Credential

 

$CSSession = New-CsOnlineSession -Credential $cred

 

Import-PSSession $CSSession -AllowClobber

For more information about how to connect to Skype for Business Online by using Windows PowerShell, go to the following Microsoft TechNet website:

409 Client Error: Conflict for url: Zone file path record name while importing a zone file to Azure DNS using CLI

Issue: –

You received this error while importing zone file using the CLI method to Azure DNS.

409 Client Error: Conflict for url: Zone file path

 

Cause:- 

There is always a limit of records you can import to the Azure DNS zone. Let say MS set a limit of 2000 records and you try to import a file more than 2000 DNS records.

Resolution:-

If you are importing more records than it shows in Azure DNS portal then you will getting this error when during the import, the records count reached the limit. Simply ask Microsoft to increase the records limit for each zone file.

How to to create the service connection point in the forest where computers exist to allow devices sync to Azure

Use below scrip to create a service connection point so that device sync can be enabled for Azure.

$verifiedDomain = “contoso.com”    # Replace this with any of your verified domain names in Azure AD

$tenantID = “72f988bf-86f1-41af-91ab-2d7cd011db47”    # Replace this with you tenant ID

$configNC = “CN=Configuration,DC=corp,DC=contoso,DC=com”    # Replace this with your AD configuration naming context (use Get-ADRootDSE to get this value)

$de = New-Object System.DirectoryServices.DirectoryEntry

$de.Path = “LDAP://CN=Services,” + $configNC

$deDRC = $de.Children.Add(“CN=Device Registration Configuration”, “container”)

$deDRC.CommitChanges()

$deSCP = $deDRC.Children.Add(“CN=62a0ff2e-97b9-4513-943f-0d221bd30080”, “serviceConnectionPoint”)

$deSCP.Properties[“keywords”].Add(“azureADName:” + $verifiedDomain)

$deSCP.Properties[“keywords”].Add(“azureADId:” + $tenantID)

$deSCP.CommitChanges()

How can I roll over the Kerberos decryption key of the AZUREADSSOACC computer account

It is important to frequently roll over the Kerberos decryption key of the AZUREADSSOACC computer account (which represents Azure AD) created in your on-premises AD forest.

Important

We highly recommend that you roll over the Kerberos decryption key at least every 30 days.

Follow these steps on the on-premises server where you are running Azure AD Connect:

Step 1. Get list of AD forests where Seamless SSO has been enabled
1.First, download, and install Azure AD PowerShell.
2.Navigate to the %programfiles%\Microsoft Azure Active Directory Connect folder.
3.Import the Seamless SSO PowerShell module using this command:

Import-Module .\AzureADSSO.psd1.

4.Run PowerShell as an Administrator. In PowerShell, call

New-AzureADSSOAuthenticationContext.

This command should give you a popup to enter your tenant’s Global Administrator credentials.

5.Call Get-AzureADSSOStatus. This command provides you the list of AD forests (look at the “Domains” list) on which this feature has been enabled.

Step 2. Update the Kerberos decryption key on each AD forest that it was set it up on

1.Call $creds = Get-Credential. When prompted, enter the Domain Administrator credentials for the intended AD forest.

how to install Azure RM module for powershell

You need to download and install the module for azure DNS first

First check the power shell version because Azure RM module need power shell 5.0 at least.

$PSVersionTable.PSVersion

Install-Module -Name AzureRM

By default, the PowerShell gallery isn’t configured as a trusted repository for PowerShellGet. The first time you use the PSGallery you see the following prompt:
Untrusted repository

You are installing the modules from an untrusted repository. If you trust this repository, change its Installation Policy value by running the

Set-PSRepository cmdlet.

Are you sure you want to install the modules from ‘PSGallery’?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is “N”):

# Import the module into the PowerShell session
Import-Module AzureRM
# Connect to Azure with an interactive dialog for sign-in
Connect-AzureRmAccount

Update-Module -Name AzureRM