OfficeDev · PsychoData · Jun 22, 2018 · Dec 16, 2018 · Dec 16, 2018 · Jan 25, 2019
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+
+*.csv
+ConfigForO365Investigations.json
diff --git a/DumpDelegatesandForwardingRules.ps1 b/DumpDelegatesandForwardingRules.ps1
@@ -1,29 +1,24 @@
-#Import the right module to talk with AAD
-import-module MSOnline
-
-#Let's get us an admin cred!
+#Let's get us an admin cred!
 $userCredential = Get-Credential
 
-#This connects to Azure Active Directory
-Connect-MsolService -Credential $userCredential
-
+#Connecting to Exchange Online
 $ExoSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $userCredential -Authentication Basic -AllowRedirection
-Import-PSSession $ExoSession
+Import-PSSession $ExoSession -DisableNameChecking | Out-Null
 
 $allUsers = @()
-$AllUsers = Get-MsolUser -All -EnabledFilter EnabledOnly | select ObjectID, UserPrincipalName, FirstName, LastName, StrongAuthenticationRequirements, StsRefreshTokensValidFrom, StrongPasswordRequired, LastPasswordChangeTimestamp | Where-Object {($_.UserPrincipalName -notlike "*#EXT#*")}
+$AllUsers = Get-Mailbox -ResultSize Unlimited
 
 $UserInboxRules = @()
 $UserDelegates = @()
 
 foreach ($User in $allUsers)
 {
     Write-Host "Checking inbox rules and delegates for user: " $User.UserPrincipalName;
-    $UserInboxRules += Get-InboxRule -Mailbox $User.UserPrincipalname | Select Name, Description, Enabled, Priority, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage | Where-Object {($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)}
-    $UserDelegates += Get-MailboxPermission -Identity $User.UserPrincipalName | Where-Object {($_.IsInherited -ne "True") -and ($_.User -notlike "*SELF*")}
+    $UserInboxRules += Get-InboxRule -Mailbox $User.UserPrincipalname | Select-Object @{Name='Mailbox';Expression={$user.UserPrincipalName}},Name, Description, Enabled, Priority, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage | Where-Object {($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectTo -ne $null)}
+    $UserDelegates += Get-MailboxPermission -Identity $User.UserPrincipalName | Where-Object {($_.IsInherited -ne "True") -and ($_.User -notlike "*SELF*")} 
 }
 
-$SMTPForwarding = Get-Mailbox -ResultSize Unlimited | select DisplayName,ForwardingAddress,ForwardingSMTPAddress,DeliverToMailboxandForward | where {$_.ForwardingSMTPAddress -ne $null}
+$SMTPForwarding = $allUsers | Select-Object DisplayName,UserPrincipalName,ForwardingAddress,ForwardingSMTPAddress,DeliverToMailboxandForward | Where-Object {($_.ForwardingSMTPAddress -ne $null) -or ($_.ForwardingAddress -ne $null)}
 
 $UserInboxRules | Export-Csv MailForwardingRulesToExternalDomains.csv
 $UserDelegates | Export-Csv MailboxDelegatePermissions.csv

diff --git a/DumpDelegatesandForwardingRulesFromFile.ps1 b/DumpDelegatesandForwardingRulesFromFile.ps1
@@ -7,8 +7,9 @@ $userCredential = Get-Credential
 #This connects to Azure Active Directory
 Connect-MsolService -Credential $userCredential
 
+#Connecting to Exchange Online
 $ExoSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $userCredential -Authentication Basic -AllowRedirection
-Import-PSSession $ExoSession
+Import-PSSession $ExoSession -DisableNameChecking | Out-Null
 
 
 #Let's Pull in the list of all GUIDS
@@ -19,7 +20,7 @@ $allUsers = @()
 
 foreach ($guid in $UserGuids)
 {
-    $allUsers += Get-MsolUser -ObjectID $guid.ObjectId | select ObjectID, UserPrincipalName, FirstName, LastName, StrongAuthenticationRequirements, StsRefreshTokensValidFrom, StrongPasswordRequired, LastPasswordChangeTimestamp 
+    $allUsers += Get-MsolUser -ObjectID $guid.ObjectId | select-Object ObjectID, UserPrincipalName, FirstName, LastName, StrongAuthenticationRequirements, StsRefreshTokensValidFrom, StrongPasswordRequired, LastPasswordChangeTimestamp 
 }
 
 $UserInboxRules = @()
@@ -28,7 +29,7 @@ $UserDelegates = @()
 foreach ($User in $allUsers)
 {
     Write-Host "Checking inbox rules and delegates for user: " $User.UserPrincipalName;
-    $UserInboxRules += Get-InboxRule -Mailbox $User.UserPrincipalname | Select Name, Description, Enabled, Priority, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage | Where-Object {($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)}
+    $UserInboxRules += Get-InboxRule -Mailbox $User.UserPrincipalname | Select-Object @{Name='Mailbox';Expression={$user.UserPrincipalName}}, Name, Description, Enabled, Priority, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage | Where-Object {($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)}
     $UserDelegates += Get-MailboxPermission -Identity $User.UserPrincipalName | Where-Object {($_.IsInherited -ne "True") -and ($_.User -notlike "*SELF*")}
 }
 

diff --git a/EnableMailboxAuditing.ps1 b/EnableMailboxAuditing.ps1
@@ -7,7 +7,7 @@ $ExoSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
 Import-PSSession $ExoSession
 
 #Enable global audit logging
-Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox" -or RecipientTypeDetails -eq "SharedMailbox" -or RecipientTypeDetails -eq "RoomMailbox" -or RecipientTypeDetails -eq "DiscoveryMailbox"} | Set-Mailbox -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, MailboxLogin, Create, SoftDelete, HardDelete, Update, MoveToDeletedItems 
+Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox" -or RecipientTypeDetails -eq "SharedMailbox" -or RecipientTypeDetails -eq "RoomMailbox" -or RecipientTypeDetails -eq "DiscoveryMailbox"} | Set-Mailbox -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission, UpdateInboxRules, UpdateCalendarDelegation -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, MailboxLogin, Create, SoftDelete, HardDelete, Update, MoveToDeletedItems, UpdateInboxRules, UpdateCalendarDelegation
 
 #Double-Check It!
 Get-Mailbox -ResultSize Unlimited | Select Name, AuditEnabled, AuditLogAgeLimit | Out-Gridview
diff --git a/Get-AllTenantRulesAndForms.ps1 b/Get-AllTenantRulesAndForms.ps1
@@ -159,7 +159,7 @@ Import-PSSession $ExoSession
 
 
 #Get all the mailboxes
-$mailBoxes = Get-Mailbox | Select UserPrincipalName
+$mailBoxes = Get-Mailbox -ResultSize Unlimited | Select UserPrincipalName
 ("Number of mailboxes to process: " + $mailBoxes.Count.ToString())
 
 #For Every Mailbox, get all the rules and dump them to a big file

diff --git a/InactiveUsersLast90Days.ps1 b/InactiveUsersLast90Days.ps1
@@ -1,25 +1,31 @@
-import-module MSOnline
-
+import-module MSOnline
+ 
 #Let's get us an admin cred!
 $userCredential = Get-Credential
-
-#This connects to Azure Active Directory
+ 
+#This connects to Azure Active Directory and passes admincreds
 Connect-MsolService -Credential $userCredential
 $ExoSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $userCredential -Authentication Basic -AllowRedirection
 Import-PSSession $ExoSession
 
-$startDate = (Get-Date).AddDays(-90).ToString('MM/dd/yyyy')
+# Minus 90 Days from Today (Can Change to lower value)
+$InactiveDays = -90
+$startDate = (Get-Date).AddDays($InactiveDays).ToString('MM/dd/yyyy')
+#Todays current date
 $endDate = (Get-Date).ToString('MM/dd/yyyy')
 
+#Creates Array for Users
 $allUsers = @()
-$allUsers = Get-MsolUser -All -EnabledFilter EnabledOnly | Select UserPrincipalName
+#Uses Get-MsolUser cmdlet to get UPN
+$allUsers = Get-MsolUser -All -EnabledFilter EnabledOnly | Select-Object UserPrincipalName
 
+#Creates another Array for dates
 $loggedOnUsers = @()
 $loggedOnUsers = Search-UnifiedAuditLog -StartDate $startDate -EndDate $endDate -Operations UserLoggedIn, PasswordLogonInitialAuthUsingPassword, UserLoginFailed -ResultSize 5000
+#Creates Array for UPNs not included.
+$inactiveUsers = @()
+$inactiveUsers = $allUsers.UserPrincipalName | where-Object {$loggedOnUsers.UserIds -NotContains $_}
 
-$inactiveInLastThreeMonthsUsers = @()
-$inactiveInLastThreeMonthsUsers = $allUsers.UserPrincipalName | where {$loggedOnUsers.UserIds -NotContains $_}
-
-Write-Output "The following users have no logged in for the last 90 days:"
-Write-Output $inactiveInLastThreeMonthsUsers
-
+#Prints Results
+Write-Output "The following users have not logged in for the last 90 days:"
+Write-Output $inactiveUsers