How to scan Office 365 accounts

Lansweeper version 8.3 introduced the Office365v2 scanning target which uses Modern Authentication, we recommend using the new target, please refer to this knowledge base article.
Office 365 scanning is a feature introduced in Lansweeper 7.1. If you are using an older Lansweeper release, you will need to update by following the instructions in this knowledge base article.
Not all Lansweeper licenses support O365 scanning. If your particular license does not support this feature, please visit this page for more information.

From version 7.1 onward, Lansweeper can scan data from your Office 365 environments using PowerShell. Once retrieved, your Office 365 data can be accessed in the Software menu of the web console and in the Office 365 tab of user webpages. Built-in reports are available as well. Scanned data includes organizations, domains, users, admins, password enforcement settings, groups, licenses, mailbox lists, ActiveSync devices and more.


To scan Office 365 account information, the following requirements must be met:

  • Your Office 365 account must be linked to an organization, as Lansweeper requires an Azure AD account for the connection to Office 365. Scanning personal Office 365 accounts that are not linked to an organization is not supported.
  • The account submitted as scanning credential in Lansweeper may not have multi-factor authentication (MFA) enabled.
  • The account submitted as scanning credential in Lansweeper must have administrative permissions to Office 365 to be able to inventory all contacts, mailboxes and ActiveSync devices. A global administrator is guaranteed to have sufficient rights.
  • Your Lansweeper scanning server must be able to access the Internet to connect to your Office 365 environment. A connection is made to
  • Your Lansweeper scanning server must be running Windows 7 or a more recent operating system.
  • Your Lansweeper scanning server must have a 64-bit architecture.
  • Your Lansweeper scanning server must have PowerShell version 5. If you only just installed this PowerShell version, make sure to reboot your machine. Your scanning server may not have pending reboots.
  • Your Lansweeper scanning server's WinRM client configuration must have Basic authentication enabled.
  • Your Lansweeper scanning server must be configured to allow scripts that are signed by a trusted publisher. You can configure this by running the below command in PowerShell on the scanning server.
    Set-ExecutionPolicy RemoteSigned

Scanning Office 365 accounts

To retrieve Office 365 information, do the following:

  1. Make sure you meet the scanning requirements mentioned earlier in this article.
  2. Hit the Add Scanning Target button in the Scanning\Scanning Targets section of the console. If you have multiple scanning servers, there will be a separate configuration tab for each server. When submitting your target, you will be asked to specify a scanning schedule.
  3. Select Office 365 from the available dropdown and submit an Office 365 administrator account and password in the Username and Password fields. Username must be formatted as an email address. The Name field is the name of the scanning target/credential and for personal reference only.
  4. Make sure you've configured your scanning schedule as desired and hit Ok.
  5. Wait for your scanning schedule to trigger or initiate an immediate scan by hitting the Scan now button next to the Office 365 target under Scanning\Scanning Targets. Office 365 scans do not visually show up in your scanning queue. They're processed silently in the background.
  6. View scanned data in the Software menu, on individual user pages or in built-in or custom reports.

Debugging Office 365 scanning

If Office 365 information fails to scan after you've double-checked the scanning requirements above, put your scanning server into debug mode:

  1. Stop the Lansweeper Server service in Windows Services on the scanning server you'd like to put into debug mode.
    stopping the Lansweeper service
  2. Run the following tool found on the scanning server:
    Program Files (x86)\Lansweeper\Tools\ConfigEditor.exe
    opening ConfigEditor
  3. Hit the Add button under appSettings
  4. Configure the popup as shown below and hit Add.
  5. Hit the Save button below your appSettings.
    saving settings in ConfigEditor
  6. Restart the Lansweeper Server service on your scanning server.
    starting the Lansweeper service
  7. Hit Scan now next to your Office 365 target under Scanning\Scanning Targets and wait for the "in scanning queue" message to disappear.
  8. Open the following file on your scanning server and look for any errors related to Office 365, which may provide more information on the failure:
    Program Files (x86)\Lansweeper\Service\Errorlog.txt
  9. When you've finished debugging, remove the LogOffice365Scanning option from your appSettings again, to prevent unnecessary growth of your log file.

Related Articles

Get Started Right Away

Try Lansweeper for Free