Microsoft 365 Hudu Magic Dash and Website Sync
Update: I have released an updated version of this script https://mspp.io/updated-m365-magic-dash/
I had some spare time this week after competing in the CTF organised by Kelvin Tegelaar over at https://www.cyberdrain.com/. It was really well organised and great fun!
I decided to start work on some scripts to take advantage of the new Magic Dash feature Hudu recently released. The first thing I wanted to do was to add some direct links to M365 management pages for clients into Hudu. I based this off the work Kelvin Tegelaar did on his quick partner portal, which has saved me many hours of my life, not having to wait on the M365 Portal to load! You can read about that here: https://www.cyberdrain.com/documenting-with-powershell-using-powershell-to-create-faster-partner-portal/
As I started work I realised that I could do a lot more with the Magic Dash feature than just that so I also looked at integrating some of the work Elliot Munro at GCITS did on the past on syncing Office 365 to IT Glue https://gcits.com/knowledge-base/sync-office-365-tenant-info-itglue/
On the home page of the customers I ended up with this:
The at a glance version gives you a quick indication of the number of licensed users currently in the tenant.
When you click on OPEN you get this:
Administration Portals gives you some quick links directly to the customer’s management portals.
Tenant Details gives you some quick details on the customer tenant which I find useful to have.
Current Licenses gives you a quick overview of what licenses the customer has assigned to them.
Licensed Users gives you a break down of users, what licenses they have assigned and any email address aliases on their account.
The final feature I realised I could add easily was to synchronise all domains from M365 to Hudu and allow a choice of if you want them monitored or not.
The first issue I ran into is there wasn’t a clean way to access the Hudu API through powershell. u/exbm from the Hudu sub reddit had started work on a powershell module, but to do what I wanted I needed to have a better understanding on exactly what was going on so I decided to write my own module.
This can be found here along with some more details: https://github.com/lwhitelock/HuduAPI it is also in the powershell gallery here: https://www.powershellgallery.com/packages/HuduAPI/1.4
This is an early version at the moment and is not feature complete yet.
The Hudu devs were kind enough to rush out a website api for me after the v2.1.5 update to let me achieve what I wanted. They are great but there are still a few caveats with the API, for example except for companies there is no real way to filter the results when you make the request, so for most of the Get- functions I am having to pull down all the data and then filter locally. This is very apparent in the Get-HuduAssets function which is a tad slow. I have logged this with the devs and they are promising these will all be in the next release so I can just tweak the powershell module when that is out.
I also ran into a bug with the magic dash where a title can only be unique globally instead of unique per customer, so I have a work around of labelling the dash Microsoft 365 – Customer Name for now instead of just Microsoft 365. The devs are aware and this should be fixed soon as well.
First make sure you are on the re-release of Hudu 2.1.5. You can check this by going to https://your.hudu.domain/developer scroll to the bottom of the menus on the left and you should see Websites if you are on the latest version:
Next make sure you have the MSOnline module installed where you will be running the scripts from:
Also install the HuduAPI powershell module (The script should do this for you so its not vital to do this)
Install-Module -Name HuduAPI
Once these are installed the first thing you need to do is map customers from M365 to Hudu. This is done by adding the default domain of the Microsoft 365 tenant to Hudu websites under the client.
To do this you need to add the default domain with https:// to the websites in Hudu for the customer. I have written a script to make this easy, first it will check if the domain is already there. Then it will check if the name matches one in Hudu and lets you confirm the match. If not you just paste in the company name as it is in Hudu and it will create the domain in Hudu for you after confirming the name is correct.
This is an interactive script so run it from a local powershell session.
Set the settings in the settings section then run the script and follow the instructions it gives you. In the future you can choose to manually re run this script, or add the onmicrosoft / default domain in Hudu as part of your onboarding process.
Download the linking script here: https://github.com/lwhitelock/HuduAutomation/blob/main/Hudu-M365-Links.ps1
Once you have mapped customers from Microsoft 365 to Hudu you can run this second script. I have written this to utilise the secure application model which you can find details about here: https://www.cyberdrain.com/connect-to-exchange-online-automated-when-mfa-is-enabled-using-the-secureapp-model/ This allows the script to be scheduled and run on a regular basis to update the details in Hudu.
Here set you M365 details first.
In the settings section fill out your Hudu details. Set if you want to exclude companies or not.
Finally choose if you want to import domains from Microsoft 365 to Hudu or not.
importDomains will enable the copying of websites into Hudu
monitorDomains will enable monitoring inside Hudu when they are imported.
Download the sync script here https://github.com/lwhitelock/HuduAutomation/blob/main/Hudu-M365-Sync.ps1
If you would prefer to run it manually without using the secure app model you can use this version: https://github.com/lwhitelock/HuduAutomation/blob/main/Hudu-M365-Sync-Manual.ps1
If you run into any problems please open an issue on my Github repository and I will try to help. This is the first script with a new powershell module so there may be bugs as I have only tested it against my own tenant.