Step-by-Step Guide to Managing Microsoft 365 E3 Trial Tenant and Exchange Online User Accounts

By /

1. Create a Microsoft 365 E3 Trial Account

Purpose

Setting up a Microsoft 365 E3 trial gives you a fully functional Microsoft 365 tenant for testing, training, or proof of concept. It allows IT administrators to explore and configure services like Exchange Online, Intune, Microsoft Purview, and Teams without affecting production data or users. The E3 trial lasts 30 days and includes 25 user licenses, ideal for lab or pilot environments.

Configuration Steps

Portal Method

  1. Go to the Microsoft 365 E3 Trial page.
  2. Click Start Free Trial and enter your business or alternate admin email.
  3. Choose a tenant domain name, such as contoso.onmicrosoft.com.
  4. Create the first Global Administrator account with a secure password.
  5. Verify your identity via phone or email.
  6. Complete setup — this creates your new Microsoft 365 tenant.

PowerShell (Post-Setup)
Once your tenant is active:

# Connect to Microsoft Online Service
Connect-MsolService

# View available licenses
Get-MsolAccountSku

This shows your license type, e.g. contoso:ENTERPRISEPACK.

Validation

Best Practices

  • Use a non-production domain (e.g., contosolab.onmicrosoft.com).
  • Document your Global Admin credentials securely.
  • Enable MFA on the admin account immediately.
  • Restrict trial use to test accounts to prevent accidental production use.

Use Case

  • IT teams validate Exchange Online, Intune, and Microsoft Purview configurations.
  • Create sandbox environments for security policy, compliance, or conditional access testing.

2. Create Exchange Online User Mailbox and Assign License

Purpose

To give users access to Exchange Online, Teams, OneDrive, and other Microsoft 365 services, you must create user accounts and assign the correct licenses.

Configuration Steps

Portal Method

  1. Open Microsoft 365 Admin CenterUsers → Active users → Add a user.
  2. Enter details: display name, username, and domain.
  3. Assign a Microsoft 365 E3 or E5 license.
  4. Ensure Exchange Online is checked under services.
  5. Save and finish.

PowerShell

Connect-MsolService

New-MsolUser -UserPrincipalName user1@contoso.com -DisplayName "User One" `
-FirstName User -LastName One -UsageLocation US `
-LicenseAssignment contoso:ENTERPRISEPACK

Validation

Best Practices

  • Always set UsageLocation before license assignment.
  • Use scripts to automate bulk onboarding.
  • Define a naming convention for test accounts.

Use Case

  • Onboard employees with mailbox and Teams access on Day 1.
  • Validate automatic license provisioning via group-based licensing.

3. Create Office 365 User Account Without License

Purpose

This allows you to create accounts for contractors, service accounts, or upcoming employees without consuming licenses until needed.

Configuration Steps

Portal Method

  1. Go to Admin Center → Users → Active users → Add a user.
  2. Enter details and skip license assignment.
  3. Save the account.

PowerShell

New-MsolUser -UserPrincipalName user2@contoso.com -DisplayName "User Two" `
-FirstName User -LastName Two -UsageLocation US

Validation

  • The user appears in Active Users.
  • In the Exchange Admin Center, confirm no mailbox exists.

Best Practices

  • Use for service or system accounts that don’t require mailboxes.
  • Assign licenses later when Exchange or Teams access is required.

Use Case

  • HR can pre-create accounts before start dates.
  • IT can maintain placeholders for contractors.

4. Assign or Remove a Microsoft 365 License

Purpose

Control which users have access to Microsoft 365 services. Assigning or removing licenses dynamically manages resource allocation.

Configuration Steps

Portal Method

  1. Navigate to Users → Active users.
  2. Select the user → Licenses and apps.
  3. Assign or remove the Microsoft 365 E3/E5 license.

PowerShell

# Assign license
Set-MsolUserLicense -UserPrincipalName user2@contoso.com -AddLicenses contoso:ENTERPRISEPACK

# Remove license
Set-MsolUserLicense -UserPrincipalName user2@contoso.com -RemoveLicenses contoso:ENTERPRISEPACK

Validation

  • After assigning: user mailbox is created.
  • After removing: mailbox is deactivated (data retained for 30 days).

Best Practices

  • Use group-based licensing in Microsoft Entra ID for automation.
  • Regularly audit unused licenses to reduce cost.
  • Track license consumption in Billing → Licenses.

Use Case

  • Assign licenses only for temporary projects or contractors.
  • Automatically revoke licenses when users leave the organization.

5. Reset a User Password in Exchange Online

Purpose

Resetting passwords is critical for account recovery or after a suspected compromise. It ensures continued access and maintains tenant security.

Configuration Steps

Portal Method

  1. Go to Admin Center → Users → Active users.
  2. Select the user → Reset password.
  3. Generate a random password or set a custom one.
  4. Enable “Require user to change password at next sign-in.”

PowerShell

Set-MsolUserPassword -UserPrincipalName user2@contoso.com -NewPassword "TempPassw0rd!" -ForceChangePassword $true

Validation

  • The user logs in with the temporary password.
  • They’re prompted to change it immediately if ForceChangePassword is set to $true.

Best Practices

  • Enforce Multi-Factor Authentication (MFA) right after password resets.
  • Educate users about secure password practices.
  • Encourage Self-Service Password Reset (SSPR) to reduce helpdesk workload.

Use Case

  • Helpdesk resets credentials for locked accounts.
  • Security teams quickly revoke and reset credentials after a compromise.

Summary

These procedures form the foundation for Microsoft 365 tenant administration. From initial setup to user management and security enforcement, following these structured steps ensures a secure, efficient environment for testing or production operations.

Key PowerShell Commands Recap

# Connect to Microsoft 365
Connect-MsolService

# View available licenses
Get-MsolAccountSku

# Create user and assign license
New-MsolUser -UserPrincipalName user1@contoso.com -DisplayName "User One" -UsageLocation US -LicenseAssignment contoso:ENTERPRISEPACK

# Assign or remove licenses
Set-MsolUserLicense -UserPrincipalName user2@contoso.com -AddLicenses contoso:ENTERPRISEPACK
Set-MsolUserLicense -UserPrincipalName user2@contoso.com -RemoveLicenses contoso:ENTERPRISEPACK

# Reset password
Set-MsolUserPassword -UserPrincipalName user2@contoso.com -NewPassword "TempPassw0rd!" -ForceChangePassword $true
LinkedInCopyPinterestRedditTelegram

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by
Scroll to Top