@michevnew
michevnew / ExO_session_access_token.ps1
Created May 23, 2025 14:06
Grab an access token out of established Exchange Online PowerShell session
#Get any existing contexts
$context = [Microsoft.Exchange.Management.ExoPowershellSnapin.ConnectionContextFactory]::GetAllConnectionContexts()
#Get an existing token from the cache
$context[0].TokenProvider.GetValidTokenFromCache("Get-Mailbox").AuthorizationHeader
#Or generate a new one
$context[0].TokenProvider.GetAccessToken()
@michevnew
michevnew / GraphSDK_get_token.ps1
Created March 11, 2025 12:36
Capture the access token Graph SDK for PowerShell uses
$req = Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/v1.0/me" -OutputType HttpResponseMessage
$authHeader = @{
    Authorization = "Bearer $($req.RequestMessage.Headers.Authorization.Parameter)"
}
#region Functions
function Get-Members {
    param (
        [Parameter(Mandatory=$true)][string[]]$groupIds
    )
    $members = @()
    foreach ($groupId in $groupIds) {
        $uri = "https://graph.microsoft.com/beta/groups/$groupId/transitiveMembers?`$top=999&`$select=id"
@michevnew
michevnew / Graph_MFA_settings.ps1
Created March 10, 2025 15:47
Get or set tenant MFA settings via REST API
#Load the MSAL binaries
Add-Type -Path "C:\Program Files\WindowsPowerShell\Modules\MSAL\Microsoft.Identity.Client.dll"
#Leverage the ADIbizaUX app
$app = [Microsoft.Identity.Client.PublicClientApplicationBuilder]::Create("1950a258-227b-4e31-a9cf-717495945fc2").WithRedirectUri("urn:ietf:wg:oauth:2.0:oob").WithTenantId("tenant.onmicrosoft.com").Build()
#Set the scope
$Scopes = New-Object System.Collections.Generic.List[string]
$Scope = "74658136-14ec-4630-ad9b-26e160ff0fc6/.default"
$Scopes.Add($Scope)
@michevnew
michevnew / get_token_CBA.ps1
Created March 10, 2025 15:35
Get access token via CBA
# Define variables
$tenantId = "tenant.onmicrosoft.com"
$appId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$thumbprint = "2B12FD0A0BF106B1A1C2C3D70C7395CD111574B1"
$resource = "https://graph.microsoft.com"
$authUrl = "https://login.microsoftonline.com/$tenantId/oauth2/token"
# Create a certificate object
$cert = Get-Item -Path Cert:\CurrentUser\My\$thumbprint
@michevnew
michevnew / GenerateFolderId.ps1
Created January 27, 2025 14:59
PowerShell function to generate folder ID for use with eDiscovery targeted collection feature
function GenerateFolderId ($mailbox,$folderName) {
    $folderId = [System.Convert]::FromBase64String((Get-MailboxFolderStatistics $mailbox | ? { $_.Name -eq "$folderName" }).FolderId)
    $encoding = [System.Text.Encoding]::GetEncoding("us-ascii")
    $nibbler = $encoding.GetBytes("0123456789ABCDEF")
    $indexIdBytes = New-Object byte[] 48; $indexIdIdx = 0;
    $folderId | select -Skip 23 -First 24 | % { $indexIdBytes[$indexIdIdx++] = $nibbler[$_ -shr 4]; $indexIdBytes[$indexIdIdx++] = $nibbler[$_ -band 0xF] }
    return $encoding.GetString($indexIdBytes)
}
@michevnew
michevnew / mg_user_remove_all_licenses.ps1
Created October 22, 2021 09:16
Bulk remove licenses for a list of users via the Microsoft Graph PowerShell module
Connect-MgGraph -Tenant tenant.onmicrosoft.com -Scopes User.ReadWrite.All
#Import the list of users, or generate it dynamically as needed
$users = Import-Csv .\Users-to-disable.csv
#$users = Get-MgUser -Filter "Department eq 'Marketing'"
foreach ($user in $users) {
    Write-Verbose "Processing licenses for user $($user.UserPrincipalName)"
    try { $user = Get-MgUser -UserId $user.UserPrincipalName -ErrorAction Stop }
    catch { Write-Verbose "User $($user.UserPrincipalName) not found, skipping..." ; continue }
@michevnew
michevnew / AAD_user_remove_all_licenses.ps1
Created October 21, 2021 08:09
Bulk remove licenses for a list of users via the Azure AD PowerShell module
$users = Import-Csv .\Users-to-disable.csv
foreach ($user in $users) {
    Write-Verbose "Processing licenses for user $($user.UserPrincipalName)"
    try { $user = Get-AzureADUser -ObjectId $user.UserPrincipalName -ErrorAction Stop }
    catch { continue }
    $SKUs = @($user.AssignedLicenses)
    if (!$SKUs) { Write-Verbose "No Licenses found for user $($user.UserPrincipalName), skipping..." ; continue }
@michevnew
michevnew / Graph_SecurityDefaults
Created August 11, 2020 12:47
Toggle Azure AD Security Defaults on or off via Graph API
#Set the authentication details
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best result, use app with Policy.Read.All and Policy.ReadWrite.ConditionalAccess scopes granted
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app
$body = @{
    client_id = $AppId
    scope = "https://graph.microsoft.com/.default"
    client_secret = $client_secret
    grant_type = "client_credentials"
@michevnew
michevnew / Graph_Block_MSOL_PS
Last active September 21, 2023 00:46
Use the Graph API endpoints to block access to MSOnline PowerShell cmdlets
#Set the authentication details
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best result, use app with Policy.ReadWrite.Authorization scope granted.
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app
$body = @{
    client_id = $AppId
    scope = "https://graph.microsoft.com/.default"
    client_secret = $client_secret
    grant_type = "client_credentials"