This post was updated by Steve Goodman on March 10, 2021.

Your Microsoft 365 subscription includes multiple services that integrate to provide the full experience, including identity management, device management, security and compliance, and productivity tools such as Exchange, Microsoft Teams, SharePoint Online, and many more.  The core Microsoft 365 admin center allows quick access to most underlying functionality and day-to-day administrative controls.  

For complex tasks, you can use dedicated admin portals or use PowerShell cmdlets.

Microsoft 365 Admin Center
Figure 1: Microsoft 365 Admin Center

You can access these portals using modern, supported web browsers, including Microsoft Edge, Chrome, and Firefox.  

You’ll want to bookmark this page to find relevant portals and PowerShell connection instructions in the future. 

Central Admin Portal 

  • Microsoft 365 Admin Center – this is the primary portal for managing an Office 365 tenant, providing admin controls for a variety of everyday tasks such as managing users, groups, and billing, as well as other features such as the Service Health Dashboard.  
    The URL is https://admin.microsoft.com/Adminportal/ 

Microsoft 365 Productivity and Migration 

  • Exchange Admin Center – the EAC (Exchange Admin Centre) for Exchange Online delivers a similar administration experience as the on-premises Exchange Admin Center. It provides detailed administration for Exchange Online configuration and recipients.  
    The URL is https://outlook.office365.com/ecp 
  • The New Exchange Admin Center – the new EAC replaces the older Exchange Admin Center and provides a modern, more streamlined experience for the administration of recipients, Exchange settings, and migrations. 
    The URL is https://admin.exchange.microsoft.com/  
  • Teams Admin Center – the TAC lets you manage Teams global settings, team and channel settings, devices such as IP (Intellectual Property) phones and Microsoft Teams Rooms, app settings, chat settings, phone numbers, and meeting settings.  
    The URL is https://admin.teams.microsoft.com  
  • SharePoint Online Admin Center – the SPO (SharePoint Online) Admin Center lets you manage SharePoint online sites, applications, and migrations. 
    The URL is https://admin.microsoft.com/sharepoint   
  • OneDrive for Business – the ODfB Admin Portal allows you to manage and control OneDrive sync, sharing, and device access settings.  
    The URL is https://admin.onedrive.com  
  • Microsoft 365 Apps for Enterprise/Business (Office 365 Pro Plus) – The Apps Admin Center allows you to manage policies and configuration for Microsoft 365 apps, formerly known as Office 365 Pro Plus. Preview functionality also allows access to information about installed clients. 
    The URL is https://config.office.com  
  • Yammer – the Yammer admin portal can be used to activate your Yammer network, customize the appearance, manage users and policies, and perform community management tasks.  
    The URL is https://www.yammer.com/office365/admin  
  • Microsoft Stream – You can configure policies to manage video recordings stored in Microsoft Stream and enable functionality, including live events. In the future, this functionality will be moved to SharePoint and OneDrive for Business. 
    The URL is https://web.microsoftstream.com/admin  
  • Power Platform – the Power Platform admin center allows management of Power Apps and Power Automate policies and allows viewing of usage and connector statistics. 
    The URL is https://admin.powerplatform.microsoft.com/  
  • PowerBI – the Power BI admin portal allows management of workspaces created by users in your organization and company-wide settings that allow functionality such as embedding dashboards into web pages or org-wide visualizations.  
    The URL is https://app.powerbi.com/admin-portal  
  • Kaizala – You can enable and disable Kaizala, Microsoft’s IM solution that will be merged into Teams over time in this portal and manage groups, actions, connectors, and view analytics.  
    The URL is https://manage.kaiza.la  

Microsoft 365 Identity and Device Management 

  • Azure Active Directory – Use the Azure AD (Active Directory) portal to manage advanced settings for users, guest access to your tenant, security settings for access, such as conditional access and security defaults, and privileged identity management 
    The URL is https://aad.portal.azure.com  
  • Microsoft Endpoint Manager & Intune – The MEM/Intune portal manages mobile devices and cloud-managed Windows and Mac devices. You can create policies for enrolled devices, manage devices and view audit logs and analytical information. 
    The URL is https://endpoint.microsoft.com  

Microsoft 365 Security and Compliance 

  • Microsoft 365 Security Center – This portal allows you to view the Secure Score and Security Reports, define and manage Sensitivity and Retention Labels, use Attack Simulation Training, and manage Microsoft 365 Defender (Office 365 ATP) policies. 
    The URL is https://security.microsoft.com  
  • Microsoft 365 Compliance Center – Use this portal to view Compliance Manager and Compliance Score, configure Data Loss Prevention policies, define Data Classifications, configure Communications Compliance and manage Data Subject requests, Records Management, eDiscovery, Information Governance, Information Protection, and Insider Risk Management. 
    The URL is https://compliance.microsoft.com  
  • Microsoft Cloud App Security – You use this portal to manage settings for the discovery of shadow-IT applications, integrate Microsoft 365 with third-party services for DLP (Data Loss Prevention) and monitoring, and configure and report on advanced policies that allow Conditional Access-based session controls for blocking downloads, DLP, and automated actions based on user behavior. 
    The URL is https://portal.cloudappsecurity.com  
  • Azure Information Protection – Although Sensitivity Labels will replace AIP for labeling, you may still need to configure AIP through the admin portal in the meantime. In this portal, you can configure labels, classifications, policies, view usage reports, and configure and manage AIP Scanner. 
    The URL is https://portal.azure.com/#blade/Microsoft_Azure_InformationProtection/  
  • Microsoft Defender for Identity. Previously Azure ATP, this portal is used to manage the workspaces for Azure ATP, which monitors on-premises Active Directory environments for suspicious behavior.  
    The URL is https://portal.atp.azure.com 
  • Microsoft Defender for Endpoints – Previously Defender ATP, use this portal to define policies for Microsoft Defender for Endpoints, view and manage enrolled devices, and configure service-level settings, such as built-in cloud proxy services.  
    The URL is https://securitycenter.windows.com  
  • Azure – the Azure management portal allows management of your Azure subscription, including IaaS, PaaS, and SaaS services provided by Microsoft. For Security, it also includes access to management of services, including Azure Sentinel 
    The URL is: https://portal.azure.com 

Read more: Gartner Report: Quest-Quadrotech named a Representative Vendor in the 2021 Market Guide for SaaS Management Platforms

PowerShell Connections 

Most Microsoft 365 services have modern PowerShell interfaces capable of using Multi-Factor authentication for sign-in and are simple to install from the PowerShell gallery or an administrative PowerShell prompt on a workstation. 

Use this guide to reference connections to core Microsoft 365 services using PowerShell quickly 

Azure Active Directory 

Two modules are available from the PowerShell Gallery for the management of Azure Active Directory. The MSOnline Module is the version one module, suitable for legacy scripts. Microsoft recommends using the newer V2 module, AzureAD. 

Here’s how to install the Azure AD (Version 2) module (as local admin) and connect to Azure AD:

Install-Module AzureAD -Force -Scope AllUsers
$AzureAdCred = Get-Credential
Connect-AzureAD -Credential $AzureAdCred 

View the Azure AD module in the PowerShell Gallery 

Here’s how to install the MSOnline (Azure AD Version 1) module (as local admin) and connect to the service:

Install-Module MSOnline 
$Msolcred = Get-credential 
Connect-MsolService -Credential $MsolCred 

View the MSOnline module in the PowerShell Gallery 

Important: Microsoft has moving away from the Azure AD and MSOnline modules. From June 30, 2022, the Azure AD cmdlets which interact with license management will no longer work because Microsoft is moving to a new license management platform. Microsoft’s long-term direction is to support Azure AD operations through the Microsoft Graph SDK for PowerShell. Except for license management, current Azure AD cmdlets will continue to work until Microsoft announces the deprecation of the module. However, tenant administrators should become acquainted with the Microsoft Graph SDK for PowerShell and consider converting Azure AD cmdlets for SDK cmdlets as time allows.

Exchange Online 

The new Exchange Online PowerShell module (v2) is recommended instead of the older Exchange Online PowerShell modules. These include updated cmdlets and newer, faster cmdlets that are more reliable.

Here’s how to install the Exchange Online v2 module (as local admin) and connect using modern authentication:

Install-Module ExchangeOnlineManagement -Force -Scope AllUsers
Connect-ExchangeOnline -UserPrincipalName <UPN> -ShowProgress $true 

View the Exchange Online module in the PowerShell Gallery 

Security and Compliance Center 

The Security and Compliance Center PowerShell module is part of the Exchange Online PowerShell module. Installing the Exchange Online PowerShell module installs this module too. You use this module to configure Microsoft 365 S&C settings and perform actions such as eDiscovery searches. 

Installing the Exchange Online v2 module (as local admin) and connect to Exchange Online as above. Then use the Connect-IPPSession cmdlet to connect to the Security and Compliance endpoint:

Connect-IPPSSession -UserPrincipalName <UPN> 

View the Exchange Online module in the PowerShell Gallery 

Microsoft Teams and Skype for Business Online 

Use the Microsoft Teams PowerShell module to manage individual Microsoft Teams, allowing you to create Teams, channels, and manage their membership and settings.  

Core Microsoft Teams settings, such as policies for meetings, used to be managed with the Skype for Business Online PowerShell module. The module retired in February 2021, and the same functionality is built-in to the Teams PowerShell module. The old Skype for Business Online cmdlets are included in the Microsoft Teams V2.0 module.

Here’s how to install the Microsoft Teams module (as local admin) and connect:

Install-Module MicrosoftTeams -Force -Scope AllUsers
Connect-MicrosoftTeams  

View the Microsoft Teams module in the PowerShell Gallery 

SharePoint Online and OneDrive for Business 

You can use the SharePoint Online PowerShell module to manage tenant-wide settings for SharePoint Online and OneDrive for Business and manage individual site collections. You can also use it to generate reports. 

Here’s how to install the SharePoint Online PowerShell module (as local admin) from the PowerShell gallery and connect to the SharePoint Online admin endpoint. Note that you need to amend the $AdminEndPoint variable to insert your tenant name and make it something like https://contoso-admin.sharepoint.com.

Install-Module -Name Microsoft.Online.SharePoint.PowerShell -Scope AllUsers -Force
Import-Module -Name Microsoft.Online.SharePoint.PowerShell 
$AdminEndPoint = "https://tenant-admin.sharepoint.com"
Connect-SPOService -url $AdminEndPoint -Credential $O365Cred

Keeping Modules Up to Date 

You can install the latest version of each module using the Update-Module cmdlet. The easiest way to do this is with a script. Here’s a good example.

Learning more about PowerShell 

Find out more about PowerShell in our guide, PowerShell for Beginners – An introduction to the basics 

PowerShell for Beginners – An Introduction to the Basics 

Microsoft 365 Administration Portals and PowerShell Connections

About the Author

Steve Goodman

Technology Writer and Chief Editor for AV Content at Practical 365, focused on Microsoft 365. A 12-time Microsoft MVP, author of several technology books and regular Microsoft conference speaker. Steve works at Advania in the UK as Field Chief Technology Officer, advising business and IT on the best way to get the most from Microsoft Cloud technology.

Comments

  1. Kamil Titera

    HI,
    I receive that the ampersand is not allowed…

    PS C:\WINDOWS\system32> Connect-ExchangeOnline -UserPrincipalName <UPN> -ShowProgress $true
    At line:1 char:43
    + Connect-ExchangeOnline -UserPrincipalName <UPN> -ShowProgress $tru …
    + ~
    The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double quotation marks (“&”) to pass it as part of a string.
    + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : AmpersandNotAllowed

  2. Joseph Jojo

    How I can connect Microsoft Stream through PowerShell?

  3. vivek K

    Hi Paul,

    Please help out for below query

    Run the set command in office 365 power shell it will ask username and password in office 365 power shell

  4. Nathan McClintock

    Hi.

    A very useful article thanks. Your link to “Azure Active Directory Module for Windows PowerShell (64-bit)” has moved elsewhere (cant find it!)

    Cheers

    1. Avatar photo
      Paul Cunningham

      Looks like it’s been moved to the PowerShell Gallery.

      Try “Install-Module MSOnline”

Leave a Reply