Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #===============================================================================================
- # AUTHOR: Brad Wright
- # CO-AUTHOR: Dan Shepard
- # DATE: 05-24-2018
- # Version v1.1
- # COMMENT: Used with MFA Office 365
- #===============================================================================================
- #This powershell script will create 4 different files
- #InactiveUsers.csv - list of all accounts not used for 90+ days
- #list-admins.csv - list of all global admin accounts
- #MailboxDelegatePermissions.csv - list of all mailbox delegate permissions
- #MailForwardingRulesToExternalDomains - list of all user based rules
- Clear-Host
- Write-Output "Blue Sprue Capital - Weekly report for Office 365"
- Write-Output "Please login to Office 365 with the Global Admin account"
- #Connect to Office365
- $credential = Get-Credential
- Install-Module MsOnline
- Connect-MsolService -Credential $credential
- $exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/powershell-liveid/" -Credential $credential -Authentication "Basic" -AllowRedirection
- Import-PSSession $exchangeSession -DisableNameChecking
- #Clear-Host
- Write-Output "This is going to take a while go get some coffee"
- ############ Delegates & Forwarding Rules ###############
- #Find all users within Office 365
- $allUsers = @()
- $AllUsers = Get-MsolUser -All -EnabledFilter EnabledOnly | Where-Object {($_.UserPrincipalName -notlike "*#EXT#*")}
- #Create arrays
- $UserInboxRules = @()
- $UserDelegates = @()
- #Foreach for all users
- foreach ($User in $allUsers)
- {
- Write-Host "Checking inbox rules and delegates for user: " $User.UserPrincipalName;
- $UserInboxRules += Get-InboxRule -Mailbox $User.UserPrincipalname | Where-Object {($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)}
- $UserDelegates += Get-MailboxPermission -Identity $User.UserPrincipalName | Where-Object {($_.IsInherited -ne "True") -and ($_.User -notlike "*SELF*")}
- }
- #export findings to a file
- $UserInboxRules | Select Enabled, Identity, Name, From, SentTo, CopyToFolder, DeleteMessage, ForwardTo, MailboxOwnerID | Export-Csv '~\Desktop\MailForwardingRulesToExternalDomains.csv' -NoType
- $UserDelegates | Select User, Identity, AccessRights | Export-Csv '~\Desktop\MailboxDelegatePermissions.csv' -NoType
- ########## End Delegates & Forwarding Rules ############
- ################## List Admin's ########################
- #Which role we are looking for
- $role = Get-MsolRole -RoleName "Company Administrator"
- #export findings to a file
- Get-MsolRoleMember -RoleObjectId $role.ObjectId | Select DisplayName, Emailaddress, IsLicensed, LastDirSyncTime, OverallProvisioningStatus, ValidationStatus |Export-CSV '~\Desktop\list-admins.csv' -NoType
- ################ #End List Admin's #####################
- ################ Inactive Accounts #####################
- #http://www.itfunk.com/2017/01/27/powershell-to-find-inactive-user-accounts-in-office-365/
- Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | where {$_.LastLogonTime -lt ((get-date).AddDays(-90))} | Select displayname, lastlogontime | Export-csv '~\Desktop\InactiveUsers.csv' -NoType
- ############## End Inactive Accounts ###################
- Clear-Host
- Write-Output "Blue Sprue Capital - Weekly report for Office 365"
- Write-Output "Finished, please check the main directory for the CSV files"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement