Sometimes there arises a scenario where you may want to disable remote PowerShell access for your users in Office 365. The main reason for doing so would be to prevent rogue admins, users, or even compromised user accounts from being able to do anything malicious with your tenant.

By default, all users will have remote PowerShell access to your Office 365 Organization. Now RBAC Policies prevent them from doing a whole lot (if they are non-administrative users). However if an account gets compromised there could be issues.

The cmdlet below turns off remote PowerShell for a particular user. You can use this to disable PowerShell for all user’s but remember to do not include the Administrators account or you will not be able to run the Hybrid Configuration Wizard or do any management to the Office 365 Tenant that would require you to use PowerShell and make for a very bad day.

 Set-User -Identity <ALIAS> -RemotePowerShellEnabled:$False

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.