ms365-tenant-manager

Microsoft 365 Tenant Manager

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "ms365-tenant-manager" with this command: npx skills add borghei/claude-skills/borghei-claude-skills-ms365-tenant-manager

Microsoft 365 Tenant Manager

Expert guidance and automation for Microsoft 365 Global Administrators managing tenant setup, user lifecycle, security policies, and organizational optimization.

Table of Contents

  • Trigger Phrases

  • Quick Start

  • Tools

  • Workflows

  • Best Practices

  • Reference Guides

  • Limitations

Trigger Phrases

Use this skill when you hear:

  • "set up Microsoft 365 tenant"

  • "create Office 365 users"

  • "configure Azure AD"

  • "generate PowerShell script for M365"

  • "set up Conditional Access"

  • "bulk user provisioning"

  • "M365 security audit"

  • "license management"

  • "Exchange Online configuration"

  • "Teams administration"

Quick Start

Generate Security Audit Script

python scripts/powershell_generator.py --action audit --output audit_script.ps1

Create Bulk User Provisioning Script

python scripts/user_management.py --action provision --csv users.csv --license E3

Configure Conditional Access Policy

python scripts/powershell_generator.py --action conditional-access --require-mfa --include-admins

Tools

powershell_generator.py

Generates ready-to-use PowerShell scripts for Microsoft 365 administration.

Usage:

Generate security audit script

python scripts/powershell_generator.py --action audit

Generate Conditional Access policy script

python scripts/powershell_generator.py --action conditional-access
--policy-name "Require MFA for Admins"
--require-mfa
--include-users "All"

Generate bulk license assignment script

python scripts/powershell_generator.py --action license
--csv users.csv
--sku "ENTERPRISEPACK"

Parameters:

Parameter Required Description

--action

Yes Script type: audit , conditional-access , license , users

--policy-name

No Name for Conditional Access policy

--require-mfa

No Require MFA in policy

--include-users

No Users to include: All or specific UPNs

--csv

No CSV file path for bulk operations

--sku

No License SKU for assignment

--output

No Output file path (default: stdout)

Output: Complete PowerShell scripts with error handling, logging, and best practices.

user_management.py

Automates user lifecycle operations and bulk provisioning.

Usage:

Provision users from CSV

python scripts/user_management.py --action provision --csv new_users.csv

Offboard user securely

python scripts/user_management.py --action offboard --user john.doe@company.com

Generate inactive users report

python scripts/user_management.py --action report-inactive --days 90

Parameters:

Parameter Required Description

--action

Yes Operation: provision , offboard , report-inactive , sync

--csv

No CSV file for bulk operations

--user

No Single user UPN

--days

No Days for inactivity threshold (default: 90)

--license

No License SKU to assign

tenant_setup.py

Initial tenant configuration and service provisioning automation.

Usage:

Generate tenant setup checklist

python scripts/tenant_setup.py --action checklist --company "Acme Inc" --users 50

Generate DNS records configuration

python scripts/tenant_setup.py --action dns --domain acme.com

Generate security baseline script

python scripts/tenant_setup.py --action security-baseline

Workflows

Workflow 1: New Tenant Setup

Step 1: Generate Setup Checklist

python scripts/tenant_setup.py --action checklist --company "Company Name" --users 100

Step 2: Configure DNS Records

python scripts/tenant_setup.py --action dns --domain company.com

Step 3: Apply Security Baseline

python scripts/powershell_generator.py --action audit > initial_audit.ps1

Step 4: Provision Users

python scripts/user_management.py --action provision --csv employees.csv --license E3

Workflow 2: Security Hardening

Step 1: Run Security Audit

python scripts/powershell_generator.py --action audit --output security_audit.ps1

Step 2: Create MFA Policy

python scripts/powershell_generator.py --action conditional-access
--policy-name "Require MFA All Users"
--require-mfa
--include-users "All"

Step 3: Review Results

Execute generated scripts and review CSV reports in output directory.

Workflow 3: User Offboarding

Step 1: Generate Offboarding Script

python scripts/user_management.py --action offboard --user departing.user@company.com

Step 2: Execute Script with -WhatIf

.\offboard_user.ps1 -WhatIf

Step 3: Execute for Real

.\offboard_user.ps1 -Confirm:$false

Best Practices

Tenant Setup

  • Enable MFA before adding users

  • Configure named locations for Conditional Access

  • Use separate admin accounts with PIM

  • Verify custom domains before bulk user creation

  • Apply Microsoft Secure Score recommendations

Security Operations

  • Start Conditional Access policies in report-only mode

  • Use -WhatIf parameter before executing scripts

  • Never hardcode credentials in scripts

  • Enable audit logging for all operations

  • Regular quarterly security reviews

PowerShell Automation

  • Prefer Microsoft Graph over legacy MSOnline modules

  • Include try/catch blocks for error handling

  • Implement logging for audit trails

  • Use Azure Key Vault for credential management

  • Test in non-production tenant first

Reference Guides

When to Use Each Reference

references/powershell-templates.md

  • Ready-to-use script templates

  • Conditional Access policy examples

  • Bulk user provisioning scripts

  • Security audit scripts

references/security-policies.md

  • Conditional Access configuration

  • MFA enforcement strategies

  • DLP and retention policies

  • Security baseline settings

references/troubleshooting.md

  • Common error resolutions

  • PowerShell module issues

  • Permission troubleshooting

  • DNS propagation problems

Limitations

Constraint Impact

Global Admin required Full tenant setup needs highest privilege

API rate limits Bulk operations may be throttled

License dependencies E3/E5 required for advanced features

Hybrid scenarios On-premises AD needs additional configuration

PowerShell prerequisites Microsoft.Graph module required

Required PowerShell Modules

Install-Module Microsoft.Graph -Scope CurrentUser Install-Module ExchangeOnlineManagement -Scope CurrentUser Install-Module MicrosoftTeams -Scope CurrentUser

Required Permissions

  • Global Administrator - Full tenant setup

  • User Administrator - User management

  • Security Administrator - Security policies

  • Exchange Administrator - Mailbox management

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

product-designer

No summary provided by upstream source.

Repository SourceNeeds Review
2.2K-borghei
General

business-intelligence

No summary provided by upstream source.

Repository SourceNeeds Review
455-borghei
General

brand-strategist

No summary provided by upstream source.

Repository SourceNeeds Review
316-borghei
General

senior-mobile

No summary provided by upstream source.

Repository SourceNeeds Review
232-borghei