This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original scripts sourced from https://gcits.com/knowledge-base/enabling-unified-audit-log-delegated-office-365-tenants-via-powershell/ | |
How to use these scripts: | |
1. Modify the headers of each script to suit your environment (username, admin password, admin prefix, CSV paths, etc) | |
2. Run GetAuditStats.ps1 and sign into your account with delegated admin access when prompted - wait at least 12 hours after running this script before proceeding to step 3 to allow any new admin accounts to properly provision | |
3. Run EnableOrgCustomisation.ps1 and sign into your account with delegated admin access when prompted - wait at least 48 hours after running this script before proceeding to step 4 to ensure that tenants are properly hydrated | |
a. You may need to rerun this script 2 or 3 times to ensure that every tenant is hydrated. It seems like sometimes the hydration command errors out and doesn't properly hydrate a tenant on the first go ¯\_(ツ)_/¯. | |
4. Run EnableAuditing.ps1 and sign into your account with delegated |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://www.cyberdrain.com/connect-to-exchange-online-automated-when-mfa-is-enabled-using-the-secureapp-model/ | |
$ApplicationId = 'xxxx-xxxx-xxx-xxxx-xxxx' | |
$ApplicationSecret = 'TheSecretTheSecrey' | Convertto-SecureString -AsPlainText -Force | |
$TenantID = 'YourTenantID' | |
$RefreshToken = 'RefreshToken' | |
$ExchangeRefreshToken = 'ExchangeRefreshToken' | |
$upn = 'UPN-Used-To-Generate-Tokens' | |
$credential = New-Object System.Management.Automation.PSCredential($ApplicationId, $ApplicationSecret) | |
$azureResourceGroup = "YourAzureResourceGroupName" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
[Parameter(Mandatory = $true, | |
Position = 0, | |
HelpMessage = "Path to exported files from the tenant.")] | |
[ValidateNotNullOrEmpty()] | |
[string] | |
$TenantExportPath, | |
[Parameter(Mandatory = $true, | |
Position = 1, |