ms365-tenant-manager
by alirezarezvani
Microsoft 365 tenant administration for Global Administrators. Automate M365 tenant setup, Office 365 admin tasks, Azure AD user management, Exchange Online configuration, Teams administration, and security policies. Generate PowerShell scripts for bulk operations, Conditional Access policies, license management, and compliance reporting. Use for M365 tenant manager, Office 365 admin, Azure AD users, Global Administrator, tenant configuration, or Microsoft 365 automation.
安装
安装命令
git clone https://github.com/alirezarezvani/claude-skills/tree/main/engineering-team/ms365-tenant-manager文档
Microsoft 365 Tenant Manager
Expert guidance and automation for Microsoft 365 Global Administrators managing tenant setup, user lifecycle, security policies, and organizational optimization.
Table of Contents
Trigger Phrases
Use this skill when you hear:
- "set up Microsoft 365 tenant"
- "create Office 365 users"
- "configure Azure AD"
- "generate PowerShell script for M365"
- "set up Conditional Access"
- "bulk user provisioning"
- "M365 security audit"
- "license management"
- "Exchange Online configuration"
- "Teams administration"
Quick Start
Generate Security Audit Script
python scripts/powershell_generator.py --action audit --output audit_script.ps1
Create Bulk User Provisioning Script
python scripts/user_management.py --action provision --csv users.csv --license E3
Configure Conditional Access Policy
python scripts/powershell_generator.py --action conditional-access --require-mfa --include-admins
Tools
powershell_generator.py
Generates ready-to-use PowerShell scripts for Microsoft 365 administration.
Usage:
# Generate security audit script
python scripts/powershell_generator.py --action audit
# Generate Conditional Access policy script
python scripts/powershell_generator.py --action conditional-access \
--policy-name "Require MFA for Admins" \
--require-mfa \
--include-users "All"
# Generate bulk license assignment script
python scripts/powershell_generator.py --action license \
--csv users.csv \
--sku "ENTERPRISEPACK"
Parameters:
| Parameter | Required | Description |
|---|---|---|
--action | Yes | Script type: audit, conditional-access, license, users |
--policy-name | No | Name for Conditional Access policy |
--require-mfa | No | Require MFA in policy |
--include-users | No | Users to include: All or specific UPNs |
--csv | No | CSV file path for bulk operations |
--sku | No | License SKU for assignment |
--output | No | Output file path (default: stdout) |
Output: Complete PowerShell scripts with error handling, logging, and best practices.
user_management.py
Automates user lifecycle operations and bulk provisioning.
Usage:
# Provision users from CSV
python scripts/user_management.py --action provision --csv new_users.csv
# Offboard user securely
python scripts/user_management.py --action offboard --user john.doe@company.com
# Generate inactive users report
python scripts/user_management.py --action report-inactive --days 90
Parameters:
| Parameter | Required | Description |
|---|---|---|
--action | Yes | Operation: provision, offboard, report-inactive, sync |
--csv | No | CSV file for bulk operations |
--user | No | Single user UPN |
--days | No | Days for inactivity threshold (default: 90) |
--license | No | License SKU to assign |
tenant_setup.py
Initial tenant configuration and service provisioning automation.
Usage:
# Generate tenant setup checklist
python scripts/tenant_setup.py --action checklist --company "Acme Inc" --users 50
# Generate DNS records configuration
python scripts/tenant_setup.py --action dns --domain acme.com
# Generate security baseline script
python scripts/tenant_setup.py --action security-baseline
Workflows
Workflow 1: New Tenant Setup
Step 1: Generate Setup Checklist
python scripts/tenant_setup.py --action checklist --company "Company Name" --users 100
Step 2: Configure DNS Records
python scripts/tenant_setup.py --action dns --domain company.com
Step 3: Apply Security Baseline
python scripts/powershell_generator.py --action audit > initial_audit.ps1
Step 4: Provision Users
python scripts/user_management.py --action provision --csv employees.csv --license E3
Workflow 2: Security Hardening
Step 1: Run Security Audit
python scripts/powershell_generator.py --action audit --output security_audit.ps1
Step 2: Create MFA Policy
python scripts/powershell_generator.py --action conditional-access \
--policy-name "Require MFA All Users" \
--require-mfa \
--include-users "All"
Step 3: Review Results
Execute generated scripts and review CSV reports in output directory.
Workflow 3: User Offboarding
Step 1: Generate Offboarding Script
python scripts/user_management.py --action offboard --user departing.user@company.com
Step 2: Execute Script with -WhatIf
.\offboard_user.ps1 -WhatIf
Step 3: Execute for Real
.\offboard_user.ps1 -Confirm:$false
Best Practices
Tenant Setup
- Enable MFA before adding users
- Configure named locations for Conditional Access
- Use separate admin accounts with PIM
- Verify custom domains before bulk user creation
- Apply Microsoft Secure Score recommendations
Security Operations
- Start Conditional Access policies in report-only mode
- Use
-WhatIfparameter before executing scripts - Never hardcode credentials in scripts
- Enable audit logging for all operations
- Regular quarterly security reviews
PowerShell Automation
- Prefer Microsoft Graph over legacy MSOnline modules
- Include try/catch blocks for error handling
- Implement logging for audit trails
- Use Azure Key Vault for credential management
- Test in non-production tenant first
Reference Guides
When to Use Each Reference
references/powershell-templates.md
- Ready-to-use script templates
- Conditional Access policy examples
- Bulk user provisioning scripts
- Security audit scripts
references/security-policies.md
- Conditional Access configuration
- MFA enforcement strategies
- DLP and retention policies
- Security baseline settings
references/troubleshooting.md
- Common error resolutions
- PowerShell module issues
- Permission troubleshooting
- DNS propagation problems
Limitations
| Constraint | Impact |
|---|---|
| Global Admin required | Full tenant setup needs highest privilege |
| API rate limits | Bulk operations may be throttled |
| License dependencies | E3/E5 required for advanced features |
| Hybrid scenarios | On-premises AD needs additional configuration |
| PowerShell prerequisites | Microsoft.Graph module required |
Required PowerShell Modules
Install-Module Microsoft.Graph -Scope CurrentUser
Install-Module ExchangeOnlineManagement -Scope CurrentUser
Install-Module MicrosoftTeams -Scope CurrentUser
Required Permissions
- Global Administrator - Full tenant setup
- User Administrator - User management
- Security Administrator - Security policies
- Exchange Administrator - Mailbox management
相关 Skills
by anthropics
Use this skill whenever the user wants to do anything with PDF files. This includes reading or extracting text/tables from PDFs, combining or merging multiple PDFs into one, splitting PDFs apart, rotating pages, adding watermarks, creating new PDFs, filling PDF forms, encrypting/decrypting PDFs, extracting images, and OCR on scanned PDFs to make them searchable. If the user mentions a .pdf file or asks to produce one, use this skill.
by anthropics
Use this skill any time a .pptx file is involved in any way — as input, output, or both. This includes: creating slide decks, pitch decks, or presentations; reading, parsing, or extracting text from any .pptx file (even if the extracted content will be used elsewhere, like in an email or summary); editing, modifying, or updating existing presentations; combining or splitting slide files; working with templates, layouts, speaker notes, or comments. Trigger whenever the user mentions \"deck,\" \"slides,\" \"presentation,\" or references a .pptx filename, regardless of what they plan to do with the content afterward. If a .pptx file needs to be opened, created, or touched, use this skill.
by anthropics
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.