# Automation - [Connecting Azure Automation](https://docs.realmjoin.com/automation/connecting-azure-automation.md): This guide outlines the onboarding process for both new and existing Automation Accounts. - [Required Permissions](https://docs.realmjoin.com/automation/connecting-azure-automation/required-permissions.md) - [Requirements](https://docs.realmjoin.com/automation/connecting-azure-automation/azure-ad-roles-and-permissions.md): This wiki pages addresses what requirements and (system-level) permissions have to be given, so that runbooks can be executed. - [Runbooks](https://docs.realmjoin.com/automation/runbooks.md): Automate day-to-day operations in your environment. - [Runbook Customization](https://docs.realmjoin.com/automation/runbooks/runbook-customization.md): Adapt RealmJoin's generic runbooks to your environments' needs. - [Runbook Logs](https://docs.realmjoin.com/automation/runbooks/runbook-logs.md) - [Runbook Job Details](https://docs.realmjoin.com/automation/runbooks/runbook-logs/runbook-job-details.md) - [Runbook Naming Conventions](https://docs.realmjoin.com/automation/runbooks/naming-conventions.md) - [Runbook Parameters](https://docs.realmjoin.com/automation/runbooks/runbooks.md) - [Runbook Permissions](https://docs.realmjoin.com/automation/runbooks/runbook-permissions.md): How to grant/deny access to certain runbooks. - [Runbook References](https://docs.realmjoin.com/automation/runbooks/runbook-references.md) - [Device Runbooks](https://docs.realmjoin.com/automation/runbooks/runbook-references/device.md) - [AVD](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/avd.md) - [Restart Host](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/avd/restart-host.md): Reboots a specific AVD Session Host. - [Toggle Drain Mode](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/avd/toggle-drain-mode.md): Sets Drainmode on true or false for a specific AVD Session Host. - [General](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general.md) - [Assign Groups By Template](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/assign-groups-by-template.md): Assign cloud-only groups to a device based on a template - [Change Grouptag](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/change-grouptag.md): Assign a new AutoPilot GroupTag to this device. - [Check Device Compliance](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/check-device-compliance.md): Check the compliance status of a device - [Check Updatable Assets](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/check-updatable-assets.md): Check if a device is onboarded to Windows Update for Business - [Enroll Updatable Assets](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/enroll-updatable-assets.md): Enroll device into Windows Update for Business - [Outphase Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/outphase-device.md): Remove/Outphase a windows device - [Remove Primary User](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/remove-primary-user.md): Removes the primary user from a device. - [Rename Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/rename-device.md): Rename a device. - [Set Primary User](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/set-primary-user.md): Set a new primary user on a managed Intune device - [Unenroll Updatable Assets](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/unenroll-updatable-assets.md): Unenroll device from Windows Update for Business. - [Wipe Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/general/wipe-device.md): Wipe a Windows or MacOS device - [Security](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security.md) - [Enable Or Disable Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/enable-or-disable-device.md): Enable or disable a device in Entra ID - [Isolate Or Release Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/isolate-or-release-device.md): Isolate this device. - [Reset Mobile Device Pin](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/reset-mobile-device-pin.md): Reset a mobile device's password/PIN code. - [Restrict Or Release Code Execution](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/restrict-or-release-code-execution.md): Only allow Microsoft-signed code to run on a device, or remove an existing restriction. - [Show Bitlocker Recovery Key](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/show-bitlocker-recovery-key.md): Show all BitLocker recovery keys for a device - [Show Filevault Recovery Key](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/show-filevault-recovery-key.md): Display macOS FileVault recovery key - [Show Laps Password](https://docs.realmjoin.com/automation/runbooks/runbook-references/device/security/show-laps-password.md): Show a local admin password for a device. - [Group Runbooks](https://docs.realmjoin.com/automation/runbooks/runbook-references/group.md) - [Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/devices.md) - [Check Updatable Assets](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/devices/check-updatable-assets.md): Check if devices in a group are onboarded to Windows Update for Business. - [Unenroll Updatable Assets Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/devices/unenroll-updatable-assets_scheduled.md): Unenroll devices from Windows Update for Business. - [General](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general.md) - [Add Or Remove Nested Group](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/add-or-remove-nested-group.md): Add/remove a nested group to/from a group - [Add Or Remove Owner](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/add-or-remove-owner.md): Add or remove a Office 365 group owner - [Add Or Remove User](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/add-or-remove-user.md): Add or remove a group member - [Change Visibility](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/change-visibility.md): Change a group's visibility - [List All Members](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/list-all-members.md): List all members of a group, including members that are part of nested groups - [List Owners](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/list-owners.md): List all owners of an Office 365 group. - [List User Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/list-user-devices.md): List devices owned by group members. - [Remove Group](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/remove-group.md): Remove a group. For Microsoft 365 groups, also the associated resources (Teams, SharePoint site) will be removed. - [Rename Group](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/general/rename-group.md): Rename a group. - [Mail](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/mail.md) - [Enable Or Disable External Mail](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/mail/enable-or-disable-external-mail.md): Enable or disable external parties to send emails to a Microsoft 365 group - [Show Or Hide In Address Book](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/mail/show-or-hide-in-address-book.md): Show or hide a group in the address book - [Teams](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/teams.md) - [Archive Team](https://docs.realmjoin.com/automation/runbooks/runbook-references/group/teams/archive-team.md): Archive a team - [Organization Runbooks](https://docs.realmjoin.com/automation/runbooks/runbook-references/org.md) - [Applications](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications.md) - [Add Application Registration](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/add-application-registration.md): Add an application registration to Azure AD - [Delete Application Registration](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/delete-application-registration.md): Delete an application registration from Azure AD - [Export Enterprise Application Users](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/export-enterprise-application-users.md): Export a CSV of all (enterprise) application owners and users - [List Inactive Enterprise Applications](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/list-inactive-enterprise-applications.md): List enterprise applications with no recent sign-ins - [Report Application Registration](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/report-application-registration.md): Generate and email a comprehensive Application Registration report - [Report Expiring Application Credentials Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/report-expiring-application-credentials_scheduled.md): List expiry date of all Application Registration credentials - [Update Application Registration](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/applications/update-application-registration.md): Update an application registration in Azure AD - [Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices.md) - [Add Autopilot Device](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/add-autopilot-device.md): Import a Windows device into Windows Autopilot - [Add Device Via Corporate Identifier](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/add-device-via-corporate-identifier.md): Import a device into Intune via corporate identifier - [Auto Approve Driver Updates Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/auto-approve-driver-updates_scheduled.md): Auto-approve new driver updates in Intune driver update policies - [Create Endpoint Analytics Baseline](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/create-endpoint-analytics-baseline.md): Creates Endpoint Analytics baselines in Microsoft Intune with a specified naming schema. - [Dedup Device Names Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/dedup-device-names_scheduled.md): Detect and rename duplicate Intune device display names using a prefix and random suffix - [Delete Stale Devices Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/delete-stale-devices_scheduled.md): Scheduled deletion of stale devices based on last activity - [Get Bitlocker Recovery Key](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/get-bitlocker-recovery-key.md): Get the BitLocker recovery key - [Notify Users About Stale Devices Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/notify-users-about-stale-devices_scheduled.md): Notify primary users about their stale devices via email - [Outphase Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/outphase-devices.md): Remove or outphase multiple devices - [Report Devices Without Primary User](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/report-devices-without-primary-user.md): Reports all managed devices in Intune that do not have a primary user assigned. - [Report Stale Devices Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/report-stale-devices_scheduled.md): Scheduled report of stale devices based on last activity date and platform. - [Report Users With More Than 5 Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/report-users-with-more-than-5-devices.md): Report users with more than five registered devices - [Sync Device Serialnumbers To Entraid Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/devices/sync-device-serialnumbers-to-entraid_scheduled.md): Sync Intune serial numbers to Entra ID extension attributes - [General](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general.md) - [Add Devices Of Users To Group Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-devices-of-users-to-group_scheduled.md): Sync devices of users in a specific group to another device group - [Add Management Partner](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-management-partner.md): List or add Management Partner Links (PAL) - [Add Microsoft Store App Logos](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-microsoft-store-app-logos.md): Update logos of Microsoft Store Apps (new) in Intune - [Add Office365 Group](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-office365-group.md): Create an Office 365 group and SharePoint site, optionally create a (Teams) team. - [Add Or Remove Safelinks Exclusion](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-or-remove-safelinks-exclusion.md): Add or remove a SafeLinks URL exclusion from a policy - [Add Or Remove Smartscreen Exclusion](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-or-remove-smartscreen-exclusion.md): Add or remove a SmartScreen URL indicator in Microsoft Defender - [Add Or Remove Trusted Site](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-or-remove-trusted-site.md): Add or remove a URL entry in the Intune Trusted Sites policy - [Add Primary Users Of Devices To Group Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-primary-users-of-devices-to-group_scheduled.md): Sync primary users of Intune managed devices by platform into an Entra ID group - [Add Security Group](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-security-group.md): Create a Microsoft Entra ID security group - [Add User](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-user.md): Create a new user account - [Add Viva Engange Community](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/add-viva-engange-community.md): Create a Viva Engage (Yammer) community - [Assign Groups By Template Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/assign-groups-by-template_scheduled.md): Assign cloud-only groups to many users based on a predefined template - [Bulk Delete Devices From Autopilot](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/bulk-delete-devices-from-autopilot.md): Bulk delete Autopilot objects by serial number - [Bulk Retire Devices From Intune](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/bulk-retire-devices-from-intune.md): Bulk retire devices from Intune using serial numbers - [Check Aad Sync Status Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-aad-sync-status_scheduled.md): Check last Azure AD Connect sync status - [Check Assignments Of Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-assignments-of-devices.md): Check Intune assignments for one or more device names - [Check Assignments Of Groups](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-assignments-of-groups.md): Check Intune assignments for one or more group names - [Check Assignments Of Users](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-assignments-of-users.md): Check Intune assignments for one or more user principal names - [Check Autopilot Serialnumbers](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-autopilot-serialnumbers.md): Check if given serial numbers are present in Autopilot - [Check Device Onboarding Exclusion Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/check-device-onboarding-exclusion_scheduled.md): Add unenrolled Autopilot devices to an exclusion group - [Enrolled Devices Report Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/enrolled-devices-report_scheduled.md): Show recent first-time device enrollments - [Export All Autopilot Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/export-all-autopilot-devices.md): List or export all Windows Autopilot devices - [Export All Intune Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/export-all-intune-devices.md): Export a list of all Intune devices and where they are registered - [Export Cloudpc Usage Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/export-cloudpc-usage_scheduled.md): Write daily Windows 365 utilization data to Azure Table Storage - [Export Non Compliant Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/export-non-compliant-devices.md): Export non-compliant Intune devices and settings - [Export Policy Report](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/export-policy-report.md): Create a report of tenant policies from Intune and Entra ID. - [Invite External Guest Users](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/invite-external-guest-users.md): Invite external guest users to the organization - [List All Administrative Template Policies](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/list-all-administrative-template-policies.md): List all Administrative Template policies and their assignments - [List Group License Assignment Errors](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/list-group-license-assignment-errors.md): Report groups that have license assignment errors - [Office365 License Report](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/office365-license-report.md): Generate an Office 365 licensing report - [Report Apple Mdm Cert Expiry Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/report-apple-mdm-cert-expiry_scheduled.md): Monitor/Report expiry of Apple device management certificates - [Report License Assignment Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/report-license-assignment_scheduled.md): Generate and email a license availability report based on thresholds - [Report Pim Activations Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/report-pim-activations_scheduled.md): Scheduled report on PIM activations - [Sync All Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/sync-all-devices.md): Sync all Intune Windows devices - [Sync Apple Tokens](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/general/sync-apple-tokens.md): Sync Apple Enrollment Program Tokens and VPP Tokens with Intune - [Mail](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail.md) - [Add Distribution List](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-distribution-list.md): Create a classic distribution group - [Add Equipment Mailbox](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-equipment-mailbox.md): Create an equipment mailbox - [Add Or Remove Public Folder](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-or-remove-public-folder.md): Add or remove a public folder - [Add Or Remove Teams Mailcontact](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-or-remove-teams-mailcontact.md): Create/Remove a contact, to allow pretty email addresses for Teams channels. - [Add Or Remove Tenant Allow Block List](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-or-remove-tenant-allow-block-list.md): Add or remove entries from the Tenant Allow/Block List - [Add Room Mailbox](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-room-mailbox.md): Create a room mailbox resource - [Add Shared Mailbox](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/add-shared-mailbox.md): Create a shared mailbox - [Hide Mailboxes Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/hide-mailboxes_scheduled.md): Hide or unhide special mailboxes in the Global Address List - [Set Booking Config](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/mail/set-booking-config.md): Configure Microsoft Bookings settings for the organization - [Phone](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/phone.md) - [Get Teams Phone Number Assignment](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/phone/get-teams-phone-number-assignment.md): Check whether a phone number is assigned in Microsoft Teams - [Security](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security.md) - [Add Defender Indicator](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/add-defender-indicator.md): Create a new Microsoft Defender for Endpoint indicator - [Backup Conditional Access Policies](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/backup-conditional-access-policies.md): Export Conditional Access policies to an Azure Storage account - [Find Sms Auth Phone Number](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/find-sms-auth-phone-number.md): Find the user associated with a specific SMS-based authentication phone number - [List Admin Users](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-admin-users.md): List Entra ID role holders and optionally evaluate their MFA methods - [List Expiring Role Assignments](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-expiring-role-assignments.md): List Azure AD role assignments expiring within a given number of days - [List Inactive Devices](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-inactive-devices.md): List or export inactive devices with no recent logon or Intune sync - [List Inactive Users](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-inactive-users.md): List users with no recent interactive sign-ins - [List Information Protection Labels](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-information-protection-labels.md): List Microsoft Information Protection labels - [List Pim Rolegroups Without Owners Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-pim-rolegroups-without-owners_scheduled.md): List role-assignable groups with eligible role assignments but without owners - [List Users By Mfa Methods Count](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-users-by-mfa-methods-count.md): Report users by the count of their registered MFA methods - [List Vulnerable App Regs](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/list-vulnerable-app-regs.md): List app registrations potentially vulnerable to CVE-2021-42306 - [Monitor Pending Epm Requests Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/monitor-pending-epm-requests_scheduled.md): Monitor and report pending Endpoint Privilege Management (EPM) elevation requests - [Notify Changed Ca Policies](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/notify-changed-ca-policies.md): Send notification email if Conditional Access policies have been created or modified in the last 24 hours. - [Report Epm Elevation Requests Scheduled](https://docs.realmjoin.com/automation/runbooks/runbook-references/org/security/report-epm-elevation-requests_scheduled.md): Generate report for Endpoint Privilege Management (EPM) elevation requests - [User Runbooks](https://docs.realmjoin.com/automation/runbooks/runbook-references/user.md) - [AVD](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/avd.md) - [User Signout](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/avd/user-signout.md): Removes (Signs Out) a specific User from their AVD Session. - [General](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general.md) - [Assign Groups By Template](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/assign-groups-by-template.md): Assign cloud-only groups to a user based on a template - [Assign Or Unassign License](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/assign-or-unassign-license.md): Assign or remove a license for a user via group membership - [Assign Windows365](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/assign-windows365.md): Assign and provision a Windows 365 Cloud PC for a user - [List Group Memberships](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/list-group-memberships.md): List group memberships for this user - [List Group Ownerships](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/list-group-ownerships.md): List group ownerships for this user. - [List Manager](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/list-manager.md): List manager information for this user - [Offboard User Permanently](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/offboard-user-permanently.md): Permanently offboard a user - [Offboard User Temporarily](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/offboard-user-temporarily.md): Temporarily offboard a user - [Reprovision Windows365](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/reprovision-windows365.md): Reprovision a Windows 365 Cloud PC - [Resize Windows365](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/resize-windows365.md): Resize an existing Windows 365 Cloud PC for a user - [Unassign Windows365](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/general/unassign-windows365.md): Remove and deprovision a Windows 365 Cloud PC for a user - [Mail](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail.md) - [Add Or Remove Email Address](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/add-or-remove-email-address.md): Add or remove an email address for a mailbox - [Assign Owa Mailbox Policy](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/assign-owa-mailbox-policy.md): Assign an OWA mailbox policy to a user - [Convert To Shared Mailbox](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/convert-to-shared-mailbox.md): Convert a user mailbox to a shared mailbox and back - [Delegate Full Access](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/delegate-full-access.md): Delegate FullAccess permissions to another user on a mailbox or remove existing delegation - [Delegate Send As](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/delegate-send-as.md): Delegate SendAs permissions for other user on his/her mailbox or remove existing delegation - [Delegate Send On Behalf](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/delegate-send-on-behalf.md): Delegate SendOnBehalf permissions for the user's mailbox - [Hide Or Unhide In Addressbook](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/hide-or-unhide-in-addressbook.md): Hide or unhide a mailbox in the address book - [List Mailbox Permissions](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/list-mailbox-permissions.md): List mailbox permissions for a mailbox - [List Room Mailbox Configuration](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/list-room-mailbox-configuration.md): List room mailbox configuration - [Remove Mailbox](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/remove-mailbox.md): Hard delete a shared mailbox, room or bookings calendar - [Set Out Of Office](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/set-out-of-office.md): Enable or disable out-of-office notifications for a mailbox - [Set Room Mailbox Configuration](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/mail/set-room-mailbox-configuration.md): Set room mailbox resource policies - [Phone](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone.md) - [Disable Teams Phone](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone/disable-teams-phone.md): Microsoft Teams telephony offboarding - [Get Teams User Info](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone/get-teams-user-info.md): Get Microsoft Teams voice status for a user - [Grant Teams User Policies](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone/grant-teams-user-policies.md): Grant Microsoft Teams policies to a Microsoft Teams enabled user - [Set Teams Permanent Call Forwarding](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone/set-teams-permanent-call-forwarding.md): Set immediate call forwarding for a Teams user - [Set Teams Phone](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/phone/set-teams-phone.md): Assign a phone number to a Microsoft Teams enabled user, enable calling and Grant specific Microsoft Teams policies. - [Security](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security.md) - [Confirm Or Dismiss Risky User](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/confirm-or-dismiss-risky-user.md): Confirm compromise or dismiss a risky user - [Create Temporary Access Pass](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/create-temporary-access-pass.md): Create a temporary access pass for a user - [Enable Or Disable Password Expiration](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/enable-or-disable-password-expiration.md): Enable or disable password expiration for a user - [Reset Mfa](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/reset-mfa.md): Remove all App- and Mobilephone auth methods for a user - [Reset Password](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/reset-password.md): Reset a user's password - [Revoke Or Restore Access](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/revoke-or-restore-access.md): Revoke or restore user access - [Set Or Remove Mobile Phone Mfa](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/security/set-or-remove-mobile-phone-mfa.md): Set or remove a user's mobile phone MFA method - [Userinfo](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/userinfo.md) - [Rename User](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/userinfo/rename-user.md): Rename a user or mailbox - [Set Photo](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/userinfo/set-photo.md): Set the profile photo for a user - [Update User](https://docs.realmjoin.com/automation/runbooks/runbook-references/user/userinfo/update-user.md): Update user metadata and memberships - [Runbook Scheduling](https://docs.realmjoin.com/automation/runbooks/scheduling.md): Execute Runbooks repeatedly over time - [Runbook Changelog](https://docs.realmjoin.com/automation/runbooks/runbook-changelog.md) - [Remediation Scripts](https://docs.realmjoin.com/automation/remediation-scripts.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.realmjoin.com/automation.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.