GhokxDamptine

Renew MSO 365 Groups, for MS Teams

Jun 16th, 2020
50
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <#
  2. Script:         Auto-Renew Groups; Thwart Expirations
  3. Date:           June 2020
  4. Scripter:       Trey Bentley
  5. Description:    This script renews MSO 365 groups, so that they don't expire.
  6.     Requires the Group's ID, to avoid same-name conflicts. Run as a weekly
  7.     scheduled task in Task Scheduler with something like:
  8.         Action: Start a program
  9.         Program/script: C\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  10.         Add an argument: -File "C:\Scripts\MS_Teams\expirationExceptions.ps1"
  11. #>
  12.  
  13. #############################
  14. #   User Variables
  15. #############################
  16. # List the IDs of the group(s)/team(s) to auto-renew.
  17. $renewGrps = @(
  18. "b945caa3-2d6b-420c-9589-ca3b2df54ff4", # Exception Team 1
  19. "8f610d8d-1105-4218-ab18-94565efba92e", # Exception Team 2
  20. "9910e40a-91ba-49a9-9b41-04b5b64e2520"  # Exception Team 3
  21. )##### !!!!!!! No comma on the last entry. !!!!!!! #####
  22.  
  23. ###############
  24. #   AzureAD Online Credentials
  25. ###############
  26. # What is the Global Admin Service Account for your AzureAD?
  27. $aadUsr = "ga@initech.net"
  28.  
  29. # Where is the secure password file for the above service account?
  30. # You can create the file with something like:
  31. #PS>    (Get-Credential).Password | ConvertFrom-SecureString | Out-File "ad_LdapUser.pwd"
  32. $aadPwdFile = "./secure.pwd";
  33.  
  34. ###############
  35. #   Log File
  36. ###############
  37. # Where do you want for your log file to go?
  38. #   Provided is same path as scriptfile, and with the same name as the
  39. #   scriptfile, but with a .log extention.
  40. # $logFile = "./" + (split-path $MyInvocation.PSCommandPath -Leaf).split('.')[0] + ".log"
  41. $logFile = "./" + (split-path $MyInvocation.PSCommandPath -Leaf).split('.')[0] + ".log"
  42.  
  43. #############################
  44. #   Initialize
  45. #############################
  46.  
  47. # Set up credential variable for use in a few nanoseconds.
  48. $aadPwd  = Get-Content "${aadPwdFile}" | ConvertTo-SecureString;
  49. $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $aadUsr,$aadPwd;
  50.  
  51. # Import the module, and connect to AzueAD.
  52. Import-Module AzureAD;
  53. Connect-AzureAD -Credential $cred;
  54.  
  55. # Create the sesion, and import it for use.
  56. $aadSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/PowerShell/ -Credential $cred -Authentication Basic -AllowRedirection;
  57. Import-PSSession $aadSession;
  58.  
  59. # Logger Feature
  60. function log{
  61.     param($msg)
  62.    
  63.     $time = (Get-Date -f "yyyy-MM-dd HH:mm:ss")
  64.     Write-Host "${time} ${msg}"
  65. }
  66.  
  67. Start-Transcript -Path "${logFile}" -Append -IncludeInvocationHeader
  68. log "######################################################";
  69. log "Starting new run.";
  70.  
  71. #############################
  72. #   Main Script
  73. #############################
  74. foreach ($grp in $renewGrps) {
  75.     log "Attempting to renew: ${grp}";
  76.    
  77.     $timeOld = (Get-AzureADMSGroup -Id $grp).RenewedDateTime;
  78.     log "Current renew timestamp: ${timeOld}";
  79.    
  80.     log "Attempting to reset timestamp";
  81.     $renewRs = Reset-AzureADMSLifeCycleGroup -GroupId $grp;
  82.     log "Result: ${renewRs}";
  83.    
  84.     $timeNew = (Get-AzureADMSGroup -Id $grp).RenewedDateTime;
  85.     log "Current renew timestamp: ${timeNew}";
  86. }
  87.  
  88.  
  89. log "Removing session....";
  90. Remove-PSSession $aadSession
  91.  
  92. log "Stopping transcript....";
  93. Stop-Transcript;
RAW Paste Data