Chat with us, powered by LiveChat

Blog

Back

How to create an Office 365 service account for Cogmotive Reports

7 Jun 2012 by Dan Rose

This article refers to our former reporting, security, and management products. We have now integrated these products into Nova, an all-new Office 365 management platform. Find out more

This article explains how to create a Read-Only Administrator account in Office 365 for use with Cogmotive Reports. This is for use with our Manual signup process and it is important that you complete all the steps.

If you require any assistance or receive any error messages during this process please do not hesitate to contact us.

Your organization will not be charged by Microsoft for this account as it does not require an Office 365 licence. More information about the rights and permissions this account requires can be found in our How It Works section.

Connecting to Office 365 using PowerShell

Before we begin, you need to install the “Microsoft Online Service Module” onto your machine. The “Set up your computer to use Powershell” section of our Connecting to Office 365 using PowerShell blog shows you how to do this.

Now open up Windows PowerShell and Copy & Paste in the following commands to connect to Office 365.

Please enter the username and password of an Office 365 Administrator account when prompted.
$Office365credentials = Get-Credential
Import-Module MSOnline
Connect-MsolService -Credential $Office365credentials
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “https://ps.outlook.com/powershell/” -Credential $Office365credentials -Authentication Basic -AllowRedirection
Import-PSSession $Session

You should now be connected to Office 365. You can run the Get-MsolUser cmdlet and if you are correctly connected you will see a list of the users within your tenant.

Here’s what it will look like.
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.
PS C:\Users\Dan> $Office365credentials = Get-Credential
PS C:\Users\Dan> Import-Module MSOnline
PS C:\Users\Dan> Connect-MsolService -Credential $Office365credentials
PS C:\Users\Dan> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “https://ps.outlook.com/p
owershell/” -Credential $Office365credentials -Authentication Basic -AllowRedirection
PS C:\Users\Dan> Import-PSSession $Session
ModuleType Name ExportedCommands
———- —- —————-
Script tmp_ebf2ba70-ef57-4b10… {Set-RoleGroup, Set-RMSTrustedPublishingDomain, Disable-UMAutoAttendant,…
PS C:\Users\Dan> Get-MSOLUser
UserPrincipalName DisplayName isLicensed
—————————— ——————— —————-
Dan@Strathmore.onmicrosoft.com Dan Rose True
Tna@Strathmore.onmicrosoft.com Thomas Na True
JSmith@Strathmore.onmicrosoft.com Jill Smith True
PS C:\scripts\Dan>

Creating the Service Account

Now that you are connected to Office 365 in PowerShell, we can create the Service account.

Modify the line below and set the company.onmicrosoft.com part to match your own Office 365 .onmicrosoft.com domain and replace the password with a secure password of your own. We recommend a password of 10 characters of more that includes a mixture of Capital and Lower case letters, numbers and special characters.
New-MSolUser -DisplayName "Service Account for Cogmotive Reports" -UserPrincipalName "CogmotiveReports@company.onmicrosoft.com" -Password "Password123" -PasswordNeverExpires $true
Here is an example:
PS C:\Users\Dan> New-MSolUser -DisplayName "Service Account for Cogmotive Reports" -UserPrincipalName "CogmotiveReports@
strathmore.onmicrosoft.com" -Password "MyPassword123" -PasswordNeverExpires $true
Password UserPrincipalName DisplayName isLicensed
--------------- ------------------------------ --------------------- ----------------
MyPassword123 CogmotiveReports@strathmor... Service Account for Cogmot... False
PS C:\Users\Dan>

We now have to set the password to never expire. Copy the line below and make sure you use the same password as in the command above. The main thing here is to set ForceChangePassword to $False.
Set-MsolUserPassword -UserPrincipalName "CogmotiveReports@company.onmicrosoft.com" -NewPassword Password123 -ForceChangePassword $False
Next we need to add our new account to the View-Only Organization Management group. You can do this by copying and pasting the following cmdlet into the PowerShell window.
Add-RoleGroupMember -identity "View-Only Organization Management" -member CogmotiveReports
If you receive the following error please try the command again in 30 minutes. This is due to to the newly created account not yet being replicated to Exchange Online.

Couldn’t find object “CogmotiveReports”. Please make sure that it was spelled correctly or specify a different object.“.

Lastly we need to assign our service account the MSOL Service Administrator role, which allows us to view company & user information. Simply copy and paste this final cmdlet into the PowerShell window. Remember to change the company.onmicrosoft.com part to match your own Office 365 .onmicrosoft.com domain.
Add-MSOLRoleMember –RoleName “Service Support Administrator” –RoleMemberEmailAddress CogmotiveReports@company.onmicrosoft.com
The account has now been created and you can complete the manual signup process.