Script to move bulk users to Teams Only mode from On Premise Skype for Business Servers

When we enable Teams for Skype for Business Hybrid users the final stage of action is to move the actual on premise Skype for Business Account to Office 365 to make them to Teams only mode. As more organization are adopting the Microsoft Teams in a full fast track approach the last stage of migration is to move all the local accounts to Teams Only Mode.

This script will help in moving the users on batches to Teams Only Mode from an input csv file. It also provides the time taken to complete the batch on screen once the migration is completed.

Example below:



Measure-Command {
[CmdletBinding()]
param( [string] $UsersList = $(Read-Host -prompt `
    “Input the CSV File with Location”))
$Users = Import-Csv $UsersList -Delimiter ";"

#To Connect to Teams, Skype Online Session and Import them. Make sure you have the new Teams Module installed.

$mycred= Get-Credential
Connect-MicrosoftTeams -Credential $mycred
Import-Module MicrosoftTeams
$sfbsession = New-CsOnlineSession
Import-PSSession $sfbsession


#Initialize parameters and variables.

$sip= $users.SipAddress
$count = $users.count

write-host "We have found" $count "Users to Migrate" -foregroundcolor Yellow -backgroundcolor Black
$pauseSeconds = 10
$Sleep = 20

Write-Host "Pausing for " $pauseSeconds " seconds to verify your count..." -ForegroundColor Yellow
Start-Sleep -s $pauseSeconds

#To Enable Logging and store them for failed migration and any errors.

$transcriptname = “MoveCSUserStatus” + `
    (Get-Date -format s).Replace(“:”,”-“) +”.txt”
Start-Transcript $transcriptname

#Take export of SFB enabled users before move.

$Users | % {get-csuser -Identity $_.SipAddress} | Where-object {$_.Enabled -eq $True} | Select-object  SamAccountName,sipaddress,Enabled,EnterpriseVoiceEnabled | Out-File SFBUsersBeforeMove.csv -append            

$URL= "https://adminof.online.lync.com/HostedMigration/hostedmigrationService.svc"

#Initiate Move-CsUser Operation.

$NewSession=0
$x=0
foreach ($user in $users) {

$x++
Move-CsUser -Identity $user.SipAddress -Target sipfed.online.lync.com  -HostedMigrationOverrideUrl $URL  -UseOAuth -MoveToTeams -BypassAudioConferencingCheck  -BypassEnterpriseVoiceCheck -Verbose -Confirm:$False
$NewSession=$x/250
if($NewSession -eq 1) {
get-pssession | remove-pssession
Disconnect-MicrosoftTeams
Connect-MicrosoftTeams -Credential $mycred
Import-Module MicrosoftTeams
$sfbsession = New-CsOnlineSession
Import-PSSession $sfbsession
$NewSession=0
$x=0
Write-Host "Refreshing the Skype online Session" -ForegroundColor Green
}
}


#Pause for 20 seconds 

Start-Sleep -s $sleep 

#Validate the Move and complete Successfully Moved and Failed Users.

$loop = foreach ($user in $users) {
Get-CsOnlineUser -Identity $user.sipaddress | Select-object  sipaddress,hostingprovider,TeamsUpgradeEffectiveMode,RegistrarPool} 
$loop| Out-File TeamsOnlyMigrationStatus.csv -append

#Validate the meeting Migration status
$loop = foreach ($user in $users) {
Get-CsMeetingMigrationStatus -Identity $user.sipaddress | Select-Object UserPrincipalName,State,MigrationType,LastMessage,FailedMeetings}
$loop| Out-File MeetingMigrationStatus.csv -append

Stop-Transcript
Write-Host "Migration Script Completed Please Refer Transcript File for any Errors" -ForegroundColor Green

#Close the sessions.
          
get-pssession | remove-pssession  

#Send Email report to Notify the Migration have completed - Mention your SMTP server
#Send-MailMessage -from "username@domain.com" -to "admin@domain.com"-subject "TeamsOnlyMigrationTaskCompleted: No File" -body "Teams Only Migration Batch have been completed.Please refer log file Location for further information" -SmtpServer "Mention your SMTP Server" 
}

Notes:

  1. Make sure that you whitelist the traffic to office365 services to establish successful connection to the SFBO session.
  2. If there are multiple number of users recommended to split up the batches and execute them from 2 servers.
  3. Ensure the SSL traffic inspection, IP connection limits are excluded from Firewall/Proxy from the network side.
  4. Moving this from a shared bandwidth might be a bit slower and moving this from a temporary dedicated IP address might provide a better performance.
  5. This script uses -UseOauth switch. Make sure the Onpremise SFB servers are patched to the required version. Else use the legacy option by removing this switch. Recommended to run this first with few users list verify based on your environment and then later run for bulk users.

Regards

Sathish Veerapandian

6 thoughts on “Script to move bulk users to Teams Only mode from On Premise Skype for Business Servers

  1. Ally February 20, 2021 at 6:17 am Reply

    Awsome! I am in the process of moving my hybrid SFB on-premises users to teams only mode in parts. In my hybrid environment if I search users in teams I can see all sfb on-premises and online users. Can’t I just change the mode for individual users to teams only instead of running this script? I believe they are homed in on-premises that’s why I must have to move them. Please correct me if I am wrong? Thanks

    Like

    • Sathish Veerapandian April 11, 2021 at 12:52 pm Reply

      Hi Ally if you are running hybrid version of SFB and users are not moved SFB Online Unfortunately we cannot move them to Teams Only mode. So the first step is to move them to Online.

      Like

  2. aldo February 23, 2021 at 11:49 am Reply

    This is just what I am looking for, thanks, how does the CSV need to be formatted?

    Like

  3. Daniel desire April 9, 2021 at 9:16 pm Reply

    Hi Sathish, I guess the scripts are run from skype for business front end. Will this work for migration of thousands users. I use a quite similar script and it times out after 15 users, so I have to close the session and restart a new one.

    Like

    • Sathish Veerapandian April 11, 2021 at 12:50 pm Reply

      Hi Daniel this is a known issue recently after upgrading the Teams PowerShell module. The only workaround that you can use is to use the Legacy Authentication parameter trick in the Script. YOu can use the below cmd in your script to use the Legacy Authentication.
      Read-Host -Prompt “Enter your tenant password” -AsSecureString | ConvertFrom-SecureString | Out-File “cred.txt”
      $User = “Adminaccount@domain.com”
      $Pass = Get-Content “cred.txt” | ConvertTo-SecureString
      $credential= new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName, $Pass

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

<span>%d</span> bloggers like this: