M365 Tenant Management

Universal

ms365-tenant-manager

by alirezarezvani

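For Microsoft 365 Global Administrators: automates tenant configuration, Azure AD user lifecycle, and Exchange Online and Teams administration, and generates PowerShell scripts for bulk provisioning, Conditional Access, licensing, and auditing.

Helps Global Administrators automate M365 tenant configuration and user and security policy management, and generates bulk PowerShell scripts in one step, saving time and reducing errors.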

11.5k · Productivity & Workflow · Not scanned · March 5, 2026

Installation

claude skill add --url github.com/alirezarezvani/claude-skills/tree/main/engineering-team/ms365-tenant-manager

Documentation

Microsoft 365 Tenant Manager

Expert guidance and automation for Microsoft 365 Global Administrators managing tenant setup, user lifecycle, security policies, and organizational optimization.

Trigger Phrases

Use this skill when you hear:

  • "set up Microsoft 365 tenant"
  • "create Office 365 users"
  • "configure Azure AD"
  • "generate PowerShell script for M365"
  • "set up Conditional Access"
  • "bulk user provisioning"
  • "M365 security audit"
  • "license management"
  • "Exchange Online configuration"
  • "Teams administration"

Quick Start

Generate Security Audit Script

bash
python scripts/powershell_generator.py --action audit --output audit_script.ps1

Create Bulk User Provisioning Script

bash
python scripts/user_management.py --action provision --csv users.csv --license E3

Configure Conditional Access Policy

bash
python scripts/powershell_generator.py --action conditional-access --require-mfa --include-admins

Tools

powershell_generator.py

Generates ready-to-use PowerShell scripts for Microsoft 365 administration.

Usage:

bash
# Generate security audit script
python scripts/powershell_generator.py --action audit

# Generate Conditional Access policy script
python scripts/powershell_generator.py --action conditional-access \
  --policy-name "Require MFA for Admins" \
  --require-mfa \
  --include-users "All"

# Generate bulk license assignment script
python scripts/powershell_generator.py --action license \
  --csv users.csv \
  --sku "ENTERPRISEPACK"

Parameters:

| Parameter | Required | Description |
|---|---|---|
| --action | Yes | Script type: audit, conditional-access, license, users |
| --policy-name | No | Name for Conditional Access policy |
| --require-mfa | No | Require MFA in policy |
| --include-users | No | Users to include: All or specific UPNs |
| --csv | No | CSV file path for bulk operations |
| --sku | No | License SKU for assignment |
| --output | No | Output file path (default: stdout) |

Output: Complete PowerShell scripts with error handling, logging, and best practices.

user_management.py

Automates user lifecycle operations and bulk provisioning.

Usage:

bash
# Provision users from CSV
python scripts/user_management.py --action provision --csv new_users.csv

# Offboard user securely
python scripts/user_management.py --action offboard --user john.doe@company.com

# Generate inactive users report
python scripts/user_management.py --action report-inactive --days 90

Parameters:

| Parameter | Required | Description |
|---|---|---|
| --action | Yes | Operation: provision, offboard, report-inactive, sync |
| --csv | No | CSV file for bulk operations |
| --user | No | Single user UPN |
| --days | No | Days for inactivity threshold (default: 90) |
| --license | No | License SKU to assign |

tenant_setup.py

Initial tenant configuration and service provisioning automation.

Usage:

bash
# Generate tenant setup checklist
python scripts/tenant_setup.py --action checklist --company "Acme Inc" --users 50

# Generate DNS records configuration
python scripts/tenant_setup.py --action dns --domain acme.com

# Generate security baseline script
python scripts/tenant_setup.py --action security-baseline

Workflows

Workflow 1: New Tenant Setup

Step 1: Generate Setup Checklist

bash
python scripts/tenant_setup.py --action checklist --company "Company Name" --users 100

Step 2: Configure DNS Records

bash
python scripts/tenant_setup.py --action dns --domain company.com

Step 3: Apply Security Baseline

bash
python scripts/powershell_generator.py --action audit > initial_audit.ps1

Step 4: Provision Users

bash
python scripts/user_management.py --action provision --csv employees.csv --license E3

Workflow 2: Security Hardening

Step 1: Run Security Audit

bash
python scripts/powershell_generator.py --action audit --output security_audit.ps1

Step 2: Create MFA Policy

bash
python scripts/powershell_generator.py --action conditional-access \
  --policy-name "Require MFA All Users" \
  --require-mfa \
  --include-users "All"

Step 3: Review Results

Execute generated scripts and review CSV reports in output directory.

Workflow 3: User Offboarding

Step 1: Generate Offboarding Script

bash
python scripts/user_management.py --action offboard --user departing.user@company.com

Step 2: Execute Script with -WhatIf

powershell
.\offboard_user.ps1 -WhatIf

Step 3: Execute for Real

powershell
.\offboard_user.ps1 -Confirm:$false

Best Practices

Tenant Setup

  1. Enable MFA before adding users
  2. Configure named locations for Conditional Access
  3. Use separate admin accounts with PIM
  4. Verify custom domains before bulk user creation
  5. Apply Microsoft Secure Score recommendations

Security Operations

  1. Start Conditional Access policies in report-only mode
  2. Use -WhatIf parameter before executing scripts
  3. Never hardcode credentials in scripts
  4. Enable audit logging for all operations
  5. Run security reviews quarterly

PowerShell Automation

  1. Prefer Microsoft Graph over legacy MSOnline modules
  2. Include try/catch blocks for error handling
  3. Implement logging for audit trails
  4. Use Azure Key Vault for credential management
  5. Test in non-production tenant first
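
The practices above (report-only mode first, -WhatIf support, Microsoft Graph, try/catch, no stored credentials) combined in one script. This is an added example, not output of powershell_generator.py or code from the skill; the `$BreakGlassObjectId` parameter and the exclusion of an emergency-access account are assumptions, and the policy name is taken from the usage example on this page.

```powershell
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Identity.SignIns
# Added example: creates a Conditional Access policy in report-only mode.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
param(
    [string]$PolicyName = 'Require MFA for Admins',
    # Assumption: object ID of an emergency-access account kept out of the policy.
    [Parameter(Mandatory)][string]$BreakGlassObjectId
)

# Well-known role template ID of the Global Administrator directory role.
$globalAdminRole = '62e90394-69f5-4237-9190-012177145e10'

$policy = @{
    displayName   = $PolicyName
    # Report-only: sign-ins are evaluated and logged, but nothing is enforced.
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        clientAppTypes = @('all')
        applications   = @{ includeApplications = @('All') }
        users          = @{
            includeRoles = @($globalAdminRole)
            excludeUsers = @($BreakGlassObjectId)
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

try {
    # Interactive delegated sign-in; no credentials live in the script.
    Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All' -ErrorAction Stop

    # Refuse to create a second policy with the same display name.
    $existing = Get-MgIdentityConditionalAccessPolicy -All -ErrorAction Stop |
        Where-Object DisplayName -eq $PolicyName
    if ($existing) {
        Write-Warning "Policy '$PolicyName' already exists (state: $($existing.State)); nothing created."
        return
    }

    # -WhatIf stops here and only reports what would be created.
    if ($PSCmdlet.ShouldProcess($PolicyName, 'Create report-only Conditional Access policy')) {
        $created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy -ErrorAction Stop
        Write-Output "Created policy $($created.Id) in state $($created.State)"
    }
}
catch {
    Write-Error "Conditional Access policy creation failed: $($_.Exception.Message)"
    exit 1
}
```

Review the report-only results in the sign-in logs before changing the policy state to `enabled`.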

Reference Guides

When to Use Each Reference

references/powershell-templates.md

  • Ready-to-use script templates
  • Conditional Access policy examples
  • Bulk user provisioning scripts
  • Security audit scripts

references/security-policies.md

  • Conditional Access configuration
  • MFA enforcement strategies
  • DLP and retention policies
  • Security baseline settings

references/troubleshooting.md

  • Common error resolutions
  • PowerShell module issues
  • Permission troubleshooting
  • DNS propagation problems

Limitations

| Constraint | Impact |
|---|---|
| Global Admin required | Full tenant setup needs highest privilege |
| API rate limits | Bulk operations may be throttled |
| License dependencies | E3/E5 required for advanced features |
| Hybrid scenarios | On-premises AD needs additional configuration |
| PowerShell prerequisites | Microsoft.Graph module required |

Required PowerShell Modules

powershell
Install-Module Microsoft.Graph -Scope CurrentUser
Install-Module ExchangeOnlineManagement -Scope CurrentUser
Install-Module MicrosoftTeams -Scope CurrentUser

Required Permissions

  • Global Administrator - Full tenant setup
  • User Administrator - User management
  • Security Administrator - Security policies
  • Exchange Administrator - Mailbox management
